Google

Thursday, August 8, 2013

How to Get Rid of FBI Moneypak Virus - Removal Instructions


hello.  I had someone drop off their dell laptop to me.  They have a bad virus.  It is the fbi moneypak virus.  keeps saying there computer is locked by the FBI and that they need to pay $300.00 using moneypak to unlock it.  This is a tough one.  When the pc starts up, this is ALL that is displayed.  EVEN IN SAFE MODE!!!   It wont let me do anything. 

My home computer has just been infected with the FBI greendot MoneyPak virus.  The virus is demanding $200. The system is locked up.  Where do I go from here?

If you are the one who is hit by FBI Moneypak virus in a sudden, you are advised not pay the fee/fine ($100, $200, $300, $450) to unlock the your computer screen.


Type: Scam virus, ransomware, Reveton 
Alert level: Severe
Targeted OS: Windows XP, Windows Vista, Windows 7, Windows8, MAC

FBI MoneyPak virus is refereed to as a ransomware generating from Citadel Reveton group. FBI virus is reported in 2012 and it still attacks users nowadays. Normally, FBI MoneyPak locks up your computer with utilizing Trojan horse virus. It pretends to present itself from legitimate FBI authority in order to push or scare victims into paying money.  The FBI virus states that the computer IP has been detected with illegal activities having been found ( downloaded unlicensed contents or viewed child pornography, etc), which distributes the copyrighted las in America. Under such circumstance, users are required to pay the fine(($100, $200, $300, $450) to unlock the system and time is limited of 48 to 72 hours. To be more reliable, FBI MoneyPak malware allows to use the famous prepayment systems like MoneyPak, Greendot, Ukah, Reloadit, Ultimate Game Card ( purchase at Walmart or Walgreens type stores).  More scary, users may see the punishment jail times on the screen wanings. This point is very important : If the computer has been blocked by FBI MoneyPak virus, users need to pay nothing because it is a fraudulent claim delivered by hackers. Please don’t be fooled by the bogue notifications. 

More variants of FBI MoneyPak have been found Nowadays 

The ICE Cyber Crime Center
Mandiant USA Cyber Security virus
United State Homeland Security Virus
FBI Department of Justice Virus
Dirty Decrypted.exe Virus
European Cybercrime Centre 
FBI Cybercrime Division Scam

 Unlock from FBI MoneyPak Virus



Please be noted, you are only coming across a dangerous malware not with governmental FBI. The application is similar to the Ukash ( computer-locked) virus which attacks users all around the world, like Canada, Australia, New Zealand, German etc. FBI MoneyPak is just a scam virus associated with cyber crimes. What users need to do is to remove this nasty one from the computer.

How FBI MoneyPak virus enters into your computer without your knowledge? 

The moneypak virus can be distributed by other Trojanm key logger, malicious free downloads, hacked sites, porn pages, junk email attachment or it comes from fake adobe flash update.

What would FBI MoneyPak virud do to damage your computer?

FBI MoneyPak virus changes system default setting, especially in startup, firewall, antivirus program to prevent itself from being removed. Besides, it would corrupt windows registries and deleting system key files without your permission. However, the recent advanced security tool are not able to disable this FBI pop-up scam at all. It must be removed manually so that it can disappear absolutely.  You are highly recommended to get rid of FBI MoneyPak virus without any delay.


Step one:  Load your computer Safe Mode with Command Prompt
 ( restart your computer> keep tapping F8 key until you see the advanced boot menu> select Safe Mode with Command Prompt> press Enter button.

Step Two: Input the command to disable all startup items associated 
1. Input msconfig into the box then press Enter
2. Click the msconfig search result. The utility will open in a new window.
3. Click the Startup tab. You'll see a list of programs that start when your computer starts.
4. To stop a program from automatically launching when you boot the PC, uncheck the box next to its entry.
 5.When you are finished deselecting startup items, click OK and restart your PC to the normal mode.

 Step three: Boot your computer normal mode and remove all associated files 
%CommonAppData%\<random characters>
%LocalAppData%\<random characters>
%UserProfile%\Templates\<random characters>
%AppData%[trojan name]toolbarguid.dat
%Documents and Settings%\All Users\Application Data\FBI Moneypak Virus
%CommonStartMenu%\Programs\FBI Moneypak

 Step four: Open Registry Editor to remove the following registry entries 
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-493955BF99C}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A97B89CD-B65C-49DD-AF46-2B772C627456
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}


Kindly Reminder: FBI MoneyPak intends to collect money from computer users. It violate your money not only with blocking your computer. Once installed, it would gather confidential information which would be used and sold on the public sites. More seriously, it threaten users with using a webcam picture that definitely belongs to users themselves. Users need to be in a hurry to terminate this fake FBI MoneyPak.

NOTIFICATION: This self manual removal guide is bit complex, you need to pay attention on each step, because the files are random, if you delete a wrong one, the computer may be messed up. If you don’t want to take the risk, please Click Here to Contact MiTechMate PC Help Center fore More Details. 


FBI MoneyPak Virus Shortcuts :

                                        Your computer has been blocked NO.1

Your  Computer has been blocked by Fbi Cybercrime Division (ICSPA) Virus NO.2



Your Computer has been locked by FBI Virus NO.3

Your PC has been blocked due the violation of copyrighted law in the United State NO.4


        Computer has been blocked by the FBI Mandiant USA Cyber Security virus NO.5

Dirty Decrypted.exe Virus Problems? How to Fix? NO. 6


European Cybercrime Centre  Virus On Mac? How to unblock? NO.7

Suggestion: If you have been attacked by FBI MoneyPak Virus, please do not transfer the money, just terminate this virus with effective manual removal guide. You will manage it. 

2 comments: