‘You have 72 hours to pay the fine’ is another variant of FBI Moneypak Virus which is able to lock your computer as soon as it invades a computer. It claims that your PC is blocked due to several reasons such as violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, viewing or distributing prohibited Pornographic content and so on. And it won’t let you access your desktop, task manager unless you pay a fine. Is this real? Can you trust this thing? The answer is No! You should ignore what it says because this is a scam in reality. Many users who believed in this warning have already lost their money.
When this malware is installed, it pops up immediately as soon as you login Windows. Probably your screen is c0mpletely white at that time and all you can see there is a “submit” button. But when you press it, it says “you have 72 hours to pay the fine.” This ransomware is created to steal money from its victims. Users can easily get this virus installed by visiting hacked websites and clicking on unknown links. Please be in mind that all information showing on the screen is totally fake. This ransomware is only arranged by cyber scammers to trick victims into paying for the fine without second thought so that they can extort your money easily. It is highly recommended users not to trust this computer lock-up alert or pay money for the fine. All you need to do is to unlock your computer with the manual way immediately.
System restore is not a good choice to remove ‘You have 72 hours to pay the fine’ Virus. Although part of users can successfully unlock their computer after system restore. The actual files are not quarantined or deleted, and thus continue to lurk on the computer waiting for the next chance to infect something. Thus, the infected PC is still at risk and without any protection. On the other hand, system restore may make you lose your data if you have any. Therefore, the most effective way to remove this fake message is manual approach.
1. Reboot your computer to safe mode with networking. As your computer restarts but before Windows launches, tap “F8” key constantly.
2. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
3. Open Registry entries. Find out the malicious files and entries and then delete all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = ’
Although ‘You have 72 hours to pay the fine’ alert seems to be legitimate, it is 100% fake. This tricky virus even uses webcam control to make users panic and makes them to pay for the ransom wrongly. If your computer is infected, you may detect your webcam will be on without your permission as if it is recording you. If you do not have a web cam connected, the video screen on the page will appear to be blank. Most of time, you will see this fake message popping up and then it claims your IP address is detected using to do some illegal activities. These activities include visiting malicious websites that contain pornographic content or using or distributing some copyrighted contents. No matter whether you did it before, you should realize it is not a legitimate warning. This is a scam that should be ignored and removed as soon as possible.
Published by Sarah Poehler & last updated on January 27, 2013 6:12 am