FBI MoneyPak Virus


FBI MoneyPak ( cybercrime@fbi.gov moneypak ) is a piece of ransomware which has been circulating on the Internet for a while, and only a few months ago a close attention to the issue was drawn. The infection is known as a Trojan that disables access to the operating system and presents a full screen message stating that the computer is detected as the storage of illicit material. The message is given as a notification sent from FBI, which, in reality, is not related with the production and release of the alert.

It is allegedly believed that Reveton.A (a.k.a Trojan:Win32/Reveton.A) in alliance with Citadel is to blame for the recent attacks, which, apparently, are not over, because more ransomware infection have been detected recently. On the computer, the infection immobilizes the operating system which can be “unlocked” after paying a ransom fee of $100. The reasons of the lock down of the machine are said to be breaches of copyright laws. Illegally downloaded copyrighted material such as pieces of music, videos, software is claimed to be one of the issue. Additionally, it is claimed that the user is accustomed of using and distributing pornographic content, and that some prohibited actions were carried out from the “frozen” computer.

At first sight, it may seem that the actual FBI has accessed the computer and displayed the message, because it contains the logo of FBI at the top of the message and reference stating that “FBI.gov is an official website of the U.S. Federal Government”. However, this fact does not prove that the message is a measure of restricting the usage of the PC. Moreover, the latest version of the FBI virus contains an IP address and host name of the computer, which could scare unsuspecting computer owners even more.

FBI Moneypak FBI MoneyPak Virus

 How to deal with FBI MoneyPak?

The first thing is ignorance. The message claims that the money should be paid within 72 hours, which is not true. Another false statement is that the money should be paid through MoneyPak online paying service, which does not require to type in personal sensitive information such as bank account number, credit card number, etc. Even thought the schemers do not get access to the victim’s bank account, they receive a considerable sum of money, which is apparently profitable enough to proceed with the production of more ransomware infections such as the Ukash virus’ versions whose notifications demand money to be paid either through Ukash or Paysafecard online paying services. So far, many different variants are known to the research around the world, because in contrast to FBI MoneyPak, the Ukash virus has many different variants in different languages. For example, there are SABAM virus, SACEM virus, SPAUTORES virus, Cybercrime Investigation Department virus and many others of the same kind.

Additionally, it is important to pay no attention to a fraudulent alert claiming that the user should never pay money if someone has asked to do so. This alert notification is a clever attempt to convince you that the message is legitimate and that you should follow the instructions given. However, in this case of the ransomware infection, I suggest that you remove FBI MoneyPak as soon as you can, because this is the only rational solution for the issue. The fact that it is vital to remove the infection is indisputable, because even if you pay the ransom payment to unlock the computer, the infection remains in the system.

The FBI MoneyPak’s removal is very easy to carry out if a powerful antispyware or antimalware program is installed. As it is impossible to access the Registry when the infection is on the computer, some special measures should be taken to access the Internet and download a spyware/malware removal tool.

FBI MoneyPak Virus Video Removal Instructions

How To Remove FBI MoneyPak Virus

FBI MoneyPak virus will block everything: task manager, registry editor, or even desktop background. It is possible to remove FBI moneypak virus without formatting your PC and re-installing all the programs.

Please follow this very simple and quick but 100% effective removal method :

1. Restart your PC and keep pressing F8 key, until you see the Windows Advanced Options Menu.
2. Select “Safe Mode With Command Prompt”.
3. After Boot up you will see Command prompt Window, type “explorer.exe” and Desktop background will show up.
4. Now Click on Start—>Run, type “rstrui” and prass OK .
5. This command will show “System Restore” application. So, reproduce your PC setups to couple days back when your computer was not infected.
6. After System Restore is completed, reboot your computer into Normal Mode.
7. Note you just have removed the startup entry of MoneyPak Virus so it won’t block your startup programs and you can use malware removal tools. Next step is to remove its hidden registry entries and files from your computer. Download Spy Hunter by clicking the button below :Download Removal Toolto remove FBI MoneyPak Virus

8. Spyhunter will do this work in 5 minutes!

Incoming search terms:

9 thoughts on “FBI MoneyPak Virus

  1. Ryan

    I picked up this virus (FBI Moneypak) while trying to watch a TV episode on PFTV. I knew it had to be false, but couldn’t do anything with my PC to fix it. Your instructions were simple to follow and fixed the problem. Thanks for taking the time to put this online to help out.



  2. Binary

    each time i used to read smaller articles that also clear their motive, and that is also happening with
    this post which I am reading here.

  3. binary

    Hey there! Do you use Twitter? I’d like to follow you if that would be ok. I’m definitely
    enjoying your blog and look forward to new updates.

  4. how

    Hey there fantastic blog! Does running a blog similar to this take a massive amount work?
    I’ve virtually no expertise in computer programming but I was hoping to start my own blog soon. Anyways, should you have any suggestions or techniques for new blog owners please share. I understand this is off topic nevertheless I just had to ask. Kudos!

  5. GSH

    I tried this but when I clicked on Safe Mode with Command Prompt it just took me directly to the regular Startup screen with the user icons. When I clicked on administrator and signed in, the computer just shut down and rebooted again. I also tried going to System Restore, but when I ran it, it said there was a file in the Temporary folder that could not be restored. When I clicked OK, the computer logged off, shut down and restarted again. I already have Spy Hunter on my computer, but obviously can’t get to it, and am not sure it’s updated to combat this version of the virus.

Leave a Reply