FBI MoneyPak or Reveton is a ransomware that locks your computer screen and asks you to deposit US$100 to unlock the screen. The locked screen shows a fake FBI warning screen displaying the message that your PC has been found to download illegal or copyrighted material like pirated software, movies or mp3. The style of message and words are used in such a way as to cause a panic in the user. It also shows your IP address and your ISP name which not very difficult to do. It also shows a method to unlock your computer by paying a fine of $100.
You can follow these easy instructions to remove FBI MoneyPak malware :
- Restart your computer in the Safe Mode with Networking. To do so, power on your computer and keep hitting F8 key until you see the Windows Advanced Options Menu. Use the up-down arrows keys on your keyboard to highlight Safe Mode with Networking and press Enter.
- Follow the instructions on this page to show hidden files in Windows. You should also disable proxy servers in Internet Explorer by following instructions on this page.
- Press hotkey Win+R, type iexplore http://www.malwarebytes.org/mbam/program/mbam-setup.exe and press Enter. This would download the Malwarebytes’ Anti-Malware on your PC, choose to Run the downloaded program when prompted.
- Install Malwarebytes’ Anti-Malware (MBAM) on your computer. Choose to update and launch when asked. The update would take some time in downloading the latest malware database from the MBAM servers.
- After the update is complete, the main window of the MBAM would open. Choose Perform quick scan and click on the Scan button as shown.
- The scan would run for some time. After the scan is complete you would see the FBI MoneyPak infected items in the detected malware list. MBAM detects it as Trojan.Ransom.Gen. The entries would be pre-selected for removal. Click on the Remove Selected to start the removal process.
- You might be asked to restart your computer for complete removal. Click on the Yes button to restart your computer.
This time start the computer in the Normal mode (just do not hit any F8 key). Upon restart the FBI MoneyPak Malware should be gone. You should also perform a complete scan using the Malwarebytes’ Anti-Malware and ESET Online Scanner to get rid of any other malware possibly infesting your computer.