Friday, January 2, 2015

How to Remove FBI Green Dot Moneypak virus?


Recently many PC users’ computers are infected by FBI Green Dot Moneypak virus which locks their computers all of a sudden and pops up a notification demanding a fine to unlock their computers. Most of them don’t realize that this is only a scam played by a virus that aims to extort their money via scare tactics. They think, wrongly, that their computers are locked by FBI – that famous governmental organization department. In fact, the PC locking problem has nothing to do with FBI. Many hackers tend to make money by using such kind of virus (also called ransomware). A few other similar viruses have been found, such as FBI Moneypak virus, International Police Association (I.P.A.) virus, Police Central e-crime Unit virus and others. They all have a common feature that they can lock the computer of a victim and then display a horrible notification requiring the victim to pay a fine to unlock the computer. Many gullible PC users have trusted what the notification says and paid for the fine, but only to find that their computers still cannot be unlocked as stated in the notification.

FBI Green Dot Moneypak virus plays the similar scam as its cohorts. It first sneaks into your computer by using stealth techniques and then modifies your registry settings to lock your computer all of a sudden. Afterwards, it presents you a notification that looks as if it came from the FBI, stating that your computer is locked due to the fact that you have illegally distributed copyrighted content and prohibited pornographic content, and what you have done violates the Copyright and Related Rights Law as well as Criminal Code of United States; to unlock your computer you must pay a fine of 400$ through Green Dot MoneyPak or else you will face a maximum penalty of 3 years’ imprisonment. Every time you boot your computer, this virus will lock you computer with the bogus notification displaying on the screen, which blocks you from doing anything. It is all-important for you to get rid of FBI Green Dot Moneypak virus from your computer so to make your computer usable and avoid further damage caused by this threat.

Note: The manual removal is complicated and risky task which should only be attempted by the advanced users. If you are not experienced in computer operations, it is highly recommended that you download and use a powerful malware removal tool to remove the threat easily.

Manually Remove FBI Green Dot Moneypak Virus Step by Step

First, you should reboot your computer in the Safe Mode with Networking so as to block the virus from running automatically.
a. Reboot your computer and keep taping the key F8 several times.
b. While you see the Windows menu on the screen, please select “Safe Mode with Networking” by using the arrow keys.
c. Press Enter to proceed.

Second, you should delete files that are related to FBI Green Dot Moneypak from your computer.
a. Navigate to the local hard disk C and begin to find the malicious files in the following.
b. Right-click on them and select “Delete” to clean up them from your computer.

%AllUsersProfile%\Application Data\
%AppData%[trojan name]toolbardtx.ini
%AppData%[trojan name]toolbarguid.dat
%AllUsersProfile%\Application Data\.exe\
%AppData%[trojan name]toolbarlog.txt
%AppData%[trojan name]toolbarstat.log
%AppData%[trojan name]toolbarstats.dat
%AppData%[trojan name]toolbarversion.xml
%AppData%[trojan name]toolbaruninstallIE.dat
%AppData%[trojan name]toolbaruninstallStatIE.dat
%AppData%[trojan name]toolbarpreferences.dat

Third, you should remove the registry entries associated with the virus from your registry.
a. Go to Start menu, and then select Run.
b. Type “regedit” in the dialog box and press Enter to open the Registry Editor.
c. Remove the following malicious entries after you find them out.

HKEY_LOCAL_MACHINE\SOFTWARE\Classes[trojan name]IEHelper.DNSGuardCurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes[trojan name]IEHelper.DNSGuardCLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes[trojan name]IEHelper.DNSGuard
HKEY_LOCAL_MACHINE\SOFTWARE\Classes[trojan name]IEHelper.DNSGuard.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar “[trojan name]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsCurrentVersion\Explorer\Browser Helper

Finally, reboot your computer back to the normal mode.

Alternative Way to Remove FBI Green Dot Moneypak Virus

SpyHunter is an advanced malware removal tool designed to help users thoroughly detect and remove many types of malicious threats from the computers. To remove the ransomware with ease, you can download and install this removal tool on your computer. Follow the steps below:

Step 1: Reboot your computer and keep pressing F8 key duding the start-up process. Select the “Safe Mode with Networking” using the arrow keys and press the Enter key on your keyboard.

Step 2: Download SpyHunter on your PC (If you can’t download the removal tool using your own computer, you can download it from a clean computer, copy it to a USB drive and then install it on your PC).

Step 3: Launch SpyHunter and start performing a full system scan to detect the threats existing in your system.
Step 4: Once the scanning finishes, remove all detected threats by clicking on the “Fix Threats” button. Then, restart your computer to complete the removal.

Tip: The automatic removal is a much easier, safer and more effective method to clean up FBI Green Dot Moneypak virus from your computer. If you do not have sufficient computer knowledge and skills and are afraid of making any mistake when removing the threat manually, you can consider use a reliable removal tool to easily remove it.

No comments:

Post a Comment