The FBI Moneypak virus will disable the Windows desktop and replace it with a full screen message that demands money. The message also indicates that you’ve been caught surfing websites that were deemed inappropriate
1. FBI Moneypak Virus Removal
FBI virus removal for Windows XP
The FBI Moneypak virus will disable the Windows desktop and replace it with a full
screen message that demands money. The message also indicates that you’ve been
caught surfing websites that were deemed inappropriate. The alleged fine for surfing
inappropriate sites is in the amount of $100 or $200.
FBI Online Agent virus belongs to what we call ‘MoneyPak virus’ which contains FBI
virus, Department of Justice virus, United State Cyber Security virus and the Firewall of
the United States. ‘FBI Online Agent Has Blocked Your Computer for Security Reason’
warning message demands a $200 MoneyPak payment as a ransom for actions
violating laws on copyrighted material to be put on the state’s account, claiming which
will unblock the sealed screen in 1 to 48 hours.
If you want expert Virus Removal help, visit us at isupport365
Here are a few ways to get rid of the FBI virus on Windows XP
Method 1: System Restore in Safe Mode with Command Prompt
1.Unplug your network cable and manually turn your computer off.Reboot your
computer is “Safe Mode with Command Prompt”. As the computer is booting tap the
“F8 key" continuously which should bring up the "Windows Advanced Options Menu"
as shown below. Use your arrow keys to move to "Safe Mode with Command Prompt"
and press Enter key.
2. Make sure you log in to an account with administrative privileges (login as admin).
2. 3. Once the Command Prompt appears you have few seconds to type in explorer and
hit Enter. If you fail to do it within 2-3 seconds, the FBI virus will take over and will not let
you type anymore.
4. If you managed to bring up Windows Explorer you can now browse into:
Win XP: C:windowssystem32restorerstrui.exe and press Enter
Method 2:System Restore in Safe Mode:
1. Power off and restart your computer. As the computer is booting tap the “F8 key"
continuously which should bring up the "Windows Advanced Options Menu" as shown
below. Use your arrow keys to move to "Safe Mode" and press Enter key.
Once in there, go to Start menu and search for “system restore”. Or you can browse
into the Windows Restore folder and run System Restore utility from there:
Win XP:C:windowssystem32restorerstrui.exe double-click or press Enter
Select Restore to an earlier time or Restore system files… and continue until you get
into the System Restore utility.
4. Select a restore point from well before the FBI virus appeared, two weeks should be
enough.
5. Restore it. Please note, it can take a long time, so be patient.
6. Once restored, restart your computer and hopefully this time you will be able to login
(Start Windows normally).
Method 3: Using MSConfig in Safe Mode:
1. Power off and restart your computer. As the computer is booting tap the “F8 key"
continuously which should bring up the "Windows Advanced Options Menu" as shown
below. Use your arrow keys to move to "Safe Mode" and press Enter key.
Once in there, go to Start menu and search for “msconfig”. Launch the application. If
you’re using Windows XP, go to Start then select Run…. Type in “msconfig" and click
OK.
3. Select Startup tab. Expand Command column and look for a startup entry that
launches randomly named file from %AppData% or %Temp% folders using
rundll32.exe. See example below:
3. C:WindowsSystem32rundll32.exe
C:Usersusernameappdatalocaltempregepqzf.dll,H1N1
4. Disable the malicious entry and click OK to save changes.
5. Restart your computer. This time Start Windows normally. Hopefully, you won’t be
prompted with a fake FBI screen.
Method 4: Manual removal,Safe Mode (requires registry editing)
1. Unplug your network cable and manually turn your computer off. Reboot your
computer in “Safe Mode”. As the computer is booting tap the “F8 key" continuously
which should bring up the "Windows Advanced Options Menu". Use your arrow keys to
move to "Safe Mode" and press Enter key.
2. When Windows loads, open up Windows Registry Editor.
Windows XP/2000, go to Start ® Run… Type “regedit" and hit enter.
In the Registry Editor, click the [+] button to expand the selection. Expand:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun
Look on the list to the right for any randomly named item. Write down the file location.
Then right click the randomly named item and select Delete. Please note that in your
case the file name might be different. Close Registry Editor.
Restart your computer into “Normal Mode" and scan the system with legitimate antimalware software.
#FBi Virus Removal
Dec 12th, 2013
#Remove FBI Virus
#FBI Green Dot Moneypak virus
#FBI Moneypak virus
Never