The Data Rescue Center
Banner Exchange

What is and how to remove the FBI Moneypak virus

FBI Moneypak ScamIt’s still out there and if you’ve been affected by this it’s quite embarrassing. The FBI Moneypak virus disables the Windows desktop and replaces it with a full screen message that demands money. The message also indicates that you’ve been caught surfing websites that were deemed inappropriate. Your punishment for surfing inappropriate sites is a fine in the amount of $100 or $200.

The  FBI Moneypak PC takeover looks pretty legit. It also looks menacing with the FBI logo and name at the top. To further the degree of panic, this virus also snaps a picture of you if you have a webcam installed. The idea behind this is to scam people out of money by pretending to be the United States Federal Government.

In my opinion this virus represents everything wrong with our governments efforts to prevent or even understand online threats and scams. Whoever is behind this virus is either dumb as hell or smart enough to know our aging leaders know nothing about the Internet or how to help police it. Common sense says to follow the money. Find out who is cashing in on this and set an example of them. If this same group of individualizes sent a postcard to your home claiming to be the FBI, all hell would break loose. Because this is an online threat, no one has stepped up to help stop it.

To remove the virus please follow the steps below.

1. Disconnect your computer from the network. Unplug your Ethernet cable, disable your WIFI router or whatever it takes to disconnect your PC from the Internet.

2. Restart the PC.

3. When your PC comes back on, you should have access to your desktop. If not, please move on to Phase 2.

4. Click on the Start button, in the search box type CMD. For older versions of Windows click on Start > Run then type CMD and press Enter.

5. In the command prompt type rstrui.exe, and then press Enter.

6. When the System Restore application presents itself, select the option to restore to an earlier date.  You may need to expand the advanced options to view all previous restore dates. (To be safe, select a restore date 3 days before you contracted the virus).

7. The System Restore should have corrected this issue. To ensure your PC is 100% clean, update then run a virus scan. Next, download Malwarebytes free edition and perform a quick scan.

Phase 2: If the above does not work

1. Power off your computer. You may need to hold the power button down for 10 seconds to fully power down your PC.

2. Turn the computer back on and place one of your fingers on the F8 key.

3. Immediately after your PC manufacturer logo disappears, begin pressing F8 repeatedly.

4. Select the option to boot into Safe Mode Command Prompt.

5. When presented with the command prompt type rstrui.exe, and then press Enter. For Windows XP users, please type the following: %systemroot%\system32\restore\rstrui.exe

6. When the System Restore application presents itself, select the option to restore to an earlier date.  You may need to expand the advanced options to view all previous restore dates. (To be safe, select a restore date 3 days before you contracted the virus).

7. The System Restore should have corrected this issue. To ensure your PC is 100% clean, update then run a virus scan. Next, download Spybot free edition and perform a quick scan.

Update – 9/4/2013 – An alternative method to uninstall the FBI Virus and it’s predecessor the ICE Cyber Crime virus can be found here. ICE Cyber Crime virus removal.

If you found this article to be helpful, please click on one of the social media icons to like this page. Thoughts or questions regarding this article? Please leave them in the comments area below, I’ll do my best to help you out.

Comments

comments

Tags: , , , , , , , ,

Category: Antivirus

About the Author ()

John Bousman is an MCSA, MCTS, MCP, Net+ and A+ Certified Technician. He is also an avid Web Developer, WordPress Jedi, SEO Connoisseur and owner of an IT Firm in the Midwest. During the day he helps tackles Server Administration and Desktop Support issues for small business. With over 15 years experience installing, configuring and troubleshooting retail and enterprise software, he's seen it all. Make sure you checkout his profile on Google+.

Comments (6)

Trackback URL | Comments RSS Feed

  1. Leslie says:

    Are you somehow implying that Spybot is better than Malwarebytes? Why is it used in phase 2 but not phase 1?

  2. JC says:

    Spybot and Malwarebytes are both excellent utilities. I don’t have a preference, nor can I tell you that one works better than the other. I’d say use them both. I’ve found that sometimes one utility will find things the other does not. When working on a really infected PC, I’ll typically run them both.

    Thanks for your question.

  3. zack says:

    will others using the same Wi-Fi network see the effects of this virus or just my infected PC?

  4. Hi guys,

    This is very informative blog and i got very informative knowledge from this blog. Please keep it up posting.

    We also working on FBI virus removal services. Please contact us

  5. Eric says:

    This didn’t work for me but the ICE fix did. Thanks a lot, I’d ran out of options.

Leave a Reply


× 4 = twenty eight

 

Comments

comments

The Data Rescue Center
Banner Exchange
More in Antivirus (5 of 7 articles)
blue-screen-of-death


I was recently called out to a clients location to assist with a blue screen of death error message. The ...