Remove FBI Green Dot Moneypak Virus
Removal instructions

Severity scale:  
FBI Green Dot Moneypak Virus is also known as FBI Moneypak | Type: Ransomware | Tags: Ukash

FBI Green Dot Moneypak Virus is a very serious cyber infection that has nothing to do with a governmental organization, which is called FBI. Just like FBI Moneypak or simply FBI virus, it displays an alert that locks computer down and disables victims from loading any of their programs or files. The minute user logs in, his PC goes straight to the Green Dot Moneypak screen and locks the entire system down. Even rebooting to Safe Mode with Networking or Safe Mode to Command Prompt do not help in most of the cases. You must be especially careful if you live in USA because most of the users who have been infected by this threat live this area. However, there are many other versions of this ransomware spreading in Europe as well (be aware about International Police Association (I.P.A.) ransomwareAn Garda Siochana virus,  Police Central e-crime Unit virus and others). 


FBI Green Dot Moneypak Virus can be downloaded together with other programs or files without any permission asked. This may be fake video codecs, Flash updates or other freeware from the source that is not official. Besides, you should avoid opening spam email attachments as well if you don’t want to get this infection. Right after infiltration, FBI Green Dot Moneypak Virus replaces desktop’s background with large alert which seems to be sent by a governmental agency belonging to the United States Department of Justice. This alert tries to convince you that you have been breaking down various rules and now you have been caught for doing that:

All activity of this computer has been recorded.
If you use a webcam, videos and pictures were saved for identification.You can be clearly identified by resolving your IP address and the associated hostname.Your computer has been locked!I
llegally downloaded materials (MP3’s, Movies or Software) have been located on your computer.By downloading, those were reproduced, thereby involving a criminal offense under Section 106 of the Copyright Act.
The downloading of copyrighted material via the Internet or music-sharing networks is illegal and is in accordance with Section 106 of the Copyright Act subject to a fine of imprisonment for a penalty of up to 3 years.
Furthermore, possession of illegally downloaded material is punishable under Section 184 paragraph 3 of the Criminal Code and may also lead to the confiscation of the computer, with which the files were downloaded.To unlock your computer and to avoid other legal consequences, you are obligated to pay a release fee of $200. Payable through GreenDot Moneypak. After successful payment, your computer will be automatically unlocked. Failure to adhere to this request could involve criminal charges and possible imprisonment.
To perform the payment, enter the acquired GreenDot Moneypak code in the designated payment field and press the “Submit” button.

Of course, this alert is completely forged and it has nothing to do with legitimate organization. If your computer has also been locked by such FBI warning, you must understand that paying the fine won’t unlock your computer but will only support the owners of this screen locker. In order to bring your PC back to normal, you must unlock your PC first and then remove FBI Green Dot Moneypak virus.


To unlock your computer and get an ability to scan it with decent anti-malware, firstly you must follow these steps:

1. Take another machine and use it to download SpyHunterSTOPzilla or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with FBI ransomware once more and run a full system scan.

Now scan your computer with SpyHunter once more to remove all infected files from your PC.

UPDATE: We have alternative FBI Green Dot Moneypak Virus removal instructions. Try following them if flash drive option hasn't been helpful:

* Users infected with FBI Moneypak/FBI virus/FBI Green Dot Moneypak virus are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

*   Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

* Manual FBI Green Dot Moneypak virus removal (special skills needed!):

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable FBI virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated SpyHunter to remove remaining FBI Green Dot Moneypak virus files. You can also try using STOPzilla or Malwarebytes Anti Malware.

Automatic FBI Green Dot Moneypak Virus removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove FBI Green Dot Moneypak Virus you agree with our Privacy Policy and Agreement of Use.
Do it now!
remover for FBI Green Dot Moneypak Virus Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall FBI Green Dot Moneypak Virus. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove FBI Green Dot Moneypak Virus using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

We are testing STOPzilla's efficiency at removing FBI Green Dot Moneypak Virus (2012-09-06 03:13:32)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing FBI Green Dot Moneypak Virus (2012-09-06 03:13:32)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing FBI Green Dot Moneypak Virus (2012-09-06 03:13:32)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing FBI Green Dot Moneypak Virus (2012-09-06 03:13:32)
Virus Removal Phone Support
Help Line to remove FBI Green Dot Moneypak Virus

FBI Green Dot Moneypak Virus screenshot

FBI Green Dot Moneypak Virus manual removal

Kill processes:
Delete registry values:
HKEY_CURRENT_USER \Software\Microsoft\Windows\CurrentVersion\Policies\System ‘DisableRegistryTools’ = 0
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system ‘EnableLUA’ = 0
HKEY_CURRENT_USER \Software\Microsoft\Windows\CurrentVersion\Internet Settings ‘WarnOnHTTPSToHTTPRedirect’ = 0
HKEY_CURRENT_USER \Software\Microsoft\Windows\CurrentVersion\Policies\System ‘DisableRegedit’= 0
HKEY_CURRENT_USER\Software\FBI Moneypak Virus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ‘Inspector’
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FBI Moneypak Virus
HKEY_CURRENT_USER \Software\Microsoft\Windows\CurrentVersion\Policies\System ‘DisableTaskMgr’ = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protector.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Inspector %AppData%\Protector-[rnd].exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [rnd]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorUser” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “EnableLUA” = 0
Unregister DLLs:

Delete files:
%Program Files%\FBI Moneypak Virus
%Documents and Settings%\[UserName]\Application Data\[random].exe
%Documents and Settings%\[UserName]\Desktop\[random].lnk
%Documents and Settings%\All Users\Application Data\FBI Moneypak Virus
%CommonStartMenu%\Programs\FBI Moneypak Virus.lnk
%UserProfile%\Desktop\FBI Moneypak Virus.lnk

Geolocation of FBI Green Dot Moneypak Virus

This map reveals the prevalence of FBI Green Dot Moneypak Virus. Countries and regions that have been affected the most are: United States.

QR code for FBI Green Dot Moneypak Virus removal instructions

FBI Green Dot Moneypak Virus qrcode QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like FBI Green Dot Moneypak Virus are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall FBI Green Dot Moneypak Virus right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2014-10-15 00:34
Information updated: 2014-10-15 00:34

Ask us discussions

Modern viruses are really hard to remove. They have random file names, random registry entries, they can immitale legal products and files. Removal instructions sometimes can't Help to remove infection manually. Please take a look at our discussion where users like you share they experience in fighting the parasite:


How to disable FBI virus warning?


How to fix my machine of FBI virus, FBI Green dot moneypak virus?


What should I know about FBI MoneyPak/FBI virus removal?


Help me to unblock PC from FBI Green Dot Moneypak virus!


SpyHunter fails to remove FBI Moneypak/FBI virus, help!


FBI Virus elimination guide


How to unblock PC from FBI Moneypak/FBI virus


Need to banish FBI MoneyPak, help!


Need to fix my PC after FBI Green Dot Moneypak virus/FBI virus infiltration


Need to kill FBI Green Dot MoneyPak virus


Want to opt out FBI virus, help!


Stop ilqoxken.exe if you want to get rid of FBI virus


Fbi Green Dot Moneypak virus fix question


FBI Green Dot Moneypak virus elimination guide


Help! Need to disable FBI virus!


Fixing FBI Green Dot Moneypak virus


Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Users comments about FBI Green Dot Moneypak Virus:

that all sounds good but lets not make it to hard for people who don’t know computers unplug your internet restart your computer no internet it wont lock it up you will boot like always run your spywear programs cc cleaner spybot search and destroy or advance system care that will kill it turn your computer off plug in youe internet and away you go the bad thing is if you don’t have these cleaners or some sort of cleaner then you do need to do a format and clean install so un plug internet clean it and restart hope this helps and malwarebytes is great
Michael Brinson
cant remove FBI money pac virus from my galaxy s5
I am trying to remove this virus from my phone but have no luck. Any suggestions?
How do u remove it from an android phone?????????
Ive just got this virus today but its on my samsung galaxy note 10.1 2014 edition. running android 4.4.2 and cant find any help on how to remove it
I have the virus that locks the computer stating it is from "THE DEPARTMENT OF JUSTICE" demanding $300.00 from Money pak. I restarted my computer, tapped F8 clicked on Safe Mode Command Prompt but the same message came up again. How do I get into my desk top computer to make repairs if this keeps coming up blocking me?
I dont know what I did. however I wrote the directions down for several ideas. Lo and worked! So thank you all for your help. You all rock! And if I could remember how I did it. I would tell you. I believe it was mostly what John had to say. Whatever, it worked. Thank you!!!
Have tried about everything and cant get in my computer in any mode before the virus pops up. Does anyone know a fix for this without being able to open windows?
To anyone that knows the answer i got a similar virus but was using campus pc on network. I just hit the power button on and off and everything worked it seemed ok. Is it gone?
Prior to reading this forum, I had attempted to boot up my computer in plain safe mode, and now when I turn on my computer, my screen is completely black. I tried pressing F8 (repeatedly) as soon as I turn my computer on but nothing happens. My computer just sits powered on with a black screen. Any suggestions? Am I totally screwed now?
Thanks a lot it worked....................
you can also bypass this thing by logging in as guest. if you dont have it. start in safe mode and add guest user . you can do this by ( while in safe mode) opening control panel, open administrative tools, manage another account , turn on guest accounts. trying to do a restore point while logged in at safe mode (as administrator) would automaticaly shut down . or even search for any of the files or processes. would result in auto shut down also. so go in as guest and do what ya need to -restore to previous point , download maleware ....etc.
Best to spend the money and have a computer store remove it. Restore loses a lot of data. Friend of mine has it and he is shut down with many grants written to be sent asap, restore will lose all that work. He watches porn, best advice, dont go to porn sites.
My dad has this virus, safe mode is llocked, as soon as he tries to get into it, it boots him back into windows. Disconnecting the internet hasnt helped either. Any suggestions?
oh, and i forgot, its the only account on the pc.
If are able to get into your pc and try to go to (for Win 7)
C:ProgramData and see if you can find unusual file. These are random named files. Click on Date Modified and check anything added recently and delete them.
Do a system restore, the run a quality virus program. Then find the idiot who wastes his him writing these viruses and punch him in the face.
Dale, Malwarebytes did remove it for me I guess you need to update! thank you guys. I boot my laptop with command promt in safe mode and typed in "explorer.exe" as Rick has suggested and boy I was saw happy to see my start menue. (thank you rick!) then I ran Malwarebytes in fast scan detected 23 red ones and then performed full scan and found 4 more. about system restore it is not enough it will come back scan and remove this nasty program has lost of trojans !
Ok, kiddies I have removed the virus even though I was not able to get to safe mode or to a command prompt. This is what I did, I am not sure if your options are identical so please review this before you start.
Restart computer and press F8 to get to the start up options,
Select repair and enter,
select os to repair,
select user account to repair,
when system recover options menu comes up select System Restore and go to the first option before FBI green dot. Let the system continue until all is finished. Worked for me, I hope it works for you.
Ok, most of you are not getting to the issue here.
I have windows vista home
I have no way to get to any safe mode options, none, I CAN NOT GET TO SAFE MODE.
The reason I wrote in caps was not to offend, but to get you to understand that there is no safe mode. I can boot from each option in the F8 menu, but when the system boots there is that annoying warning preventing me from doing anything. I do not have a second account, it is my computer. So, to sum this up, no safe mode, no command prompt, still have virus.
Thanks for the info.did the c/prompt and restore to a couple a days ago and ran m-bytes.picked up 39 viruses and got rid of em.machine is working fine now.THANKS Again!
CHECK: In safe mode with command prompt
CHECK: I typed explorer.exe
However, it still takes me to the virus before I get to Control Panel. Ideas?
More comments...

Post Comment

Attention: Use this form only if you have additional information about FBI Green Dot Moneypak Virus parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Ask us
What's your antispyware?
I failed to remove FBI Green Dot Moneypak Virus using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!