The FBI Moneypak virus, also referred to as the FBI virus is a known ransomware variant named (Reveton). This threat is distributed through several means. Malicious or legitimate websites that have been compromised, may install the ransomware into your computer.
The message displayed by the ransomware can be localized depending on the user’s GEO location, with text written in the appropriate language. Depending on the variant, the ransomware may only display a message in the language spoken by its authors, or the country that was intended as the main target of the attack.
This ransomware is a nasty computer infection that locks down your screen until you pay the fine with Moneypak. Be aware! because your computer is not blocked by the FBI, your local police department or other authorities. Please do never pay the fine they ask for and follow our working removal guide using the HitmanPRO.Kickstart USB Stick to remove the ransomware from your computer, this guide is working for Windows XP, Windows Vista, Windows 7. (Windows 8 and dual-boot system are not supported yet).
Here some example of how the fake police notification may look;
- Department of Justice Federal Bureau of Investigation
- Your PC is blocked due to at least one of the reasons specified below.
- You have been violation Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content.
- FBI Online Agent has blocked your computer for security reason.
- Australian Federal Police International Cyber Security Protection Alliance ATTENTION! Your PC is blocked.
- You have 48 hours left to enter your payment.
- Joint Chiefs of Staff – The work of your computer has been suspended on the grounds of the violation of the law of the United States of America.
- FBI CyberCrime Division (ICSPA) ATTENTION! Your computer has been locked and all data is encrypted!
FBI moneypak virus / FBI virus [Removal Guide]
Please download HitmanPro to your desktop.
Press this link for the complete “User Manual” for HitmanPro.Kickstart.
- Start the program by double clicking on HitmanPro.exe. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
- Click on the “HitmanPro.Kickstart” button to create a bootable USB-stick with HitmanPro.Kickstart (see the screenshot below).
- Now insert the USB flash drive that you will use to write the HitmanPro.Kickstart files to.
- As soon as one or more USB flash drives are detected, a selection screen will be presented.
- Now select the USB flash drive on which you want to place the HitmanPro.Kickstart files and press the button Install Kickstart.
- Important! Be aware that that all contents of the selected flash drive will be erased before the HitmanPro.Kickstart files are written.
- If you press the ‘Yes’ button now, the selected USB flash drive will be formatted and all necessary HitmanPro.Kickstart files will be retrieved from the HitmanPro servers and written to the flash drive
- Once the process is completed you can now remove the USB flash drive from the PC and use it to remove the malware from a ransomed PC.
- Now insert the HitmanPro.Kickstart USB flash drive into a USB port of the ransomed PC and start the PC.
- During the startup of the PC, enter the (BBS) Bios Boot Selector menu with F10 or F11 and select the USB flash drive that contains HitmanPro.Kickstart to boot from.
- If it’s not possible to enter the BBS go into the BIOS and set the USB option as your first boot-device by the boot-sequence.
- The default way to boot is option 1, which skips the master boot record of your hard drive. If you do not press any key, the process will continue after 10 seconds using the default boot selection.
- If you see a logon screen you can either select a user and logon, or if you wait approximately 15 seconds, HitmanPro will be started on your Windows logon screen.
- Click on the next button. You must agree with the terms of EULA.
- Check the box beside “No, I only want to perform a one-time scan to check this computer“.
- Click on the next button.
- The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
- Click on the next button and choose the option activate free license
- Click on the next button and the infections where found will be deleted.
- Click now on the Save Log option and save this log to your desktop.
- Click on the next button and restart the computer.
Start your computer in Safe Mode with Networking and scan for malware with Malwarebytes Anti-Malware.
- Remove all CDs, and DVDs from your computer, and then restart your computer.
- Press and hold the F8 key as your computer restarts.Please keep in mind that you need to press the F8 key before the Windows start-up logo appears.
Note: With some computers, if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the “F8 key”, tap the “F8 key” continuously until you get the Advanced Boot Options screen.
- On the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking , and then press ENTER.
- If your computer has started in Safe Mode with Networking, you’ll need to perform a system scan with Malwarebytes Anti-Malware
Download Malwarebytes Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware
- Then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
- If you accidently close it, the log file is saved here and will be named like this: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware\Logs\mbam-log-date (time).txt
- Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
- Click OK to either and let MBAM proceed with the disinfection process.
- If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
- After the restart in Normal mode, start Malwarebytes Anti-Malware again and perform a Full System scan to verify that there are no remaining threats.
Incoming search terms:
- fbi virus removal
- fbi moneypak virus
- fbi virus
- your system is running on restricted mode
- remove fbi moneypak virus windows xp
- fbi moneypak virus removal windows 7 malwarebytes
- hitman pro moneypak
- fbi moneypak virus removal
- fbi moneypak virus firefox
- donation moneypak
- pup-fbi program
- what if computer fails to boot using Hitman Pro kickstart to remove FBI virus
- beeg pak
- how to remove fbi moneypak virus manually google chrome