Severity scale:  

Remove FBI Green Dot Moneypak Virus (Removal Guide) - updated Jan 2021

removal by Ugnius Kiguolis - -   Also known as FBI Moneypak | Type: Ransomware

FBI Green Dot Moneypak Virus – is a fake message that tries to make users believe that they have to pay to the FBI

FBI Green Dot Moneypak VirusFBI Green Dot Moneypak Virus is a screen-locker that demands $200+ payment via Green Dot Moneypak service

Questions about FBI Green Dot Moneypak Virus

Green Dot MoneyPak virus is malware[1] that targets Windows computers and tries to extort money out of its victims. The malicious software displays a bogus message on the locked-up screen, which may look legitimate to inexperienced users. According to the fake instructions, the only way to unlock the machine is to pay up to the FBI – one of the major investigation agencies in the world. Even entering Safe Mode with Networking would not get rid of the screen-locker; thus, users may be tempted to pay criminals using Green Dot MoneyPak service which allows the money transfer to remain anonymous.

Name FBI Green Dot MoneyPak virus
Alternative names Green Dot Moneypak Virus, Moneypak virus
Similar threats FBI virus
Type Ransomware, screen-locker
AV detection
  • Win32:Adware-gen
  • Generic6.CBOZ
  • Trojan.Amonetize.6373
  • Win32/Adware.OffersWizard.A application
Demanded payment $200 – $400
Symptoms Locked up screen, no access to any Windows functions
Distribution Spam emails, malicious sites, etc.
Elimination Download and install ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes

The reason why computer gets locked up is due to Trojan Reveton. The Moneypak virus is deemed to be ransomware, as it holds computer hostage until the payment is made. However, typical ransomware, like Cerber, Locky or Dharma, locks up personal files instead of the computer and demands ransom for the decryption key. Another major difference is that ransomware authors request payment in Bitcoins which can be transferred anonymously into a specific wallet. Nevertheless, the goal of both types of cyber crooks is the same – to steal money from victims.

Green Dot Moneypak virus spreads using contaminated file attachments, via malicious websites, or as repacked or cracked[2] software executables. As soon as in enters the targeted machine, it makes certain changes to Windows Registry, allowing it to gain boot persistence. It also abuses Windows feature to hide file extensions. Nevertheless, the only way to remove FBI Green Dot Moneypak virus is by using a sophisticated anti-malware software, such as ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes

Residents of the USA should be particularly careful, as it affects users who live in that area. Nevertheless, users in Europe should be careful as well, as non-USA versions has been spotted – International Police Association (I.P.A.) ransomware, An Garda Siochana virus, Police Central e-crime Unit virus and others.

What makes this virus so believable, is that has an official FBI seal, the warning that the computer has been locked due to “violation of copyright law,” a very detailed instructions (and also scary warnings – like three years prison sentence or huge fine) of what happened, and the IP address. What is more, hackers warn users that the picture of their face was taken, if the camera is connected to the PC. Ok, sounds really scary.

But all you have to do is just calm down, think for a minute and realize that there is something wrong:

  • The FBI does not send personal emails or messages to regular users
  • Even if you downloaded illegal software, you could not simply pay yourself off – there have to be official documents of the fine, etc.
  • The FBI would not lock your computer out of the blue. In worst case scenario they would take it away physically

Thus, do not pay any fines, as it is a scam. Furthermore, victims who pay do not regain the operation of their computers. Therefore, if your machine is locked, you need to perform full FBI Green Dot MoneyPak virus removal either by using security software or System Restore function.

Green Dot Moneypak ransomwareGreen Dot Moneypak Virus - a fake popup that pretends to be from the FBI. The message threatens with fines and jail sentences

Ways to protect yourself from computer infections

Ransomware and other dangerous infections typically enter machines via contaminated spam email attachments or links to malicious sites. Perpetrators use phishing emails sent by bots to convince users to open the attachment or click on the hyperlink. The example of a phishing email:

Dear Customer,

Please see attached invoice for $3150. The payment needs to be processed ASAP.

Crooks typically use well-known companies' names to make scams more believable. Nevertheless, look for grammar or spelling errors, strange formatting, email address, etc. Once you get to see more phishing email examples,[3] it will be much easier to determine which message is fake.

The malicious payload can also enter your computer via fake software updates on questionable sites, malicious programs downloaded from file-sharing or torrent sites, social networks, messaging apps and similar. Finally, reputable security software should be employed at every machine which is connected to the internet.

Remove MoneyPak virus from your computer permanently

Security experts[4] note that Green Dot MoneyPak virus removal might be difficult simply because malware uses a sophisticated encryption code. Although manual elimination is technically possible, we do not suggest regular users undertake this procedure.

You have to employ powerful security software, such as ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes, and run a full system scan while in Safe Mode with Networking. Nevertheless, many users noted that this method does not work, and the screen stays locked even in Safe Mode. In that case, you should try to enter Safe Mode with Command Prompt to use System Restore function to remove FBI Green Dot MoneyPak malware. You can find all the instructions below.

FBI Green Dot MoneyPak virus is also capable of locking Android devices

FBI Green Dot Moneypak is used on AndroidThe virus has also been spotted attacking Android devices

FBI Green Dot Moneypak virus has been updated – it is now capable of blocking Android devices. It acts just like its previous versions. So, as soon as FBI android virus enters the OS, it locks is down and then displays a fake warning message asking people to pay a fine for their illegal online activities. Please, do NOT pay this fine! If your Android device was blocked, you should follow these steps:

1. Reboot your Android device into Safe Mode:

  • Find the power button and press it for a couple of seconds until you see a menu. Tap the Power off.
  • Once you see a dialog window that offers you to reboot your Android to Safe Mode, select this option and OK.

If this failed to work for you, just turn off your device and then turn it on. Once it becomes active, try pressing and holding Menu, Volume Down, Volume Up or Volume Down and Volume Up together to see Safe Mode.

2. Uninstall malicious app (FBI Android virus may hide under BaDoink, Video Player, Network Driver System, Video Render, ScarePakage and other suspicious names):

  • When in Safe Mode, go to Settings. Once there, click on Apps or Application manager (this may differ depending on your device).
  • Here, look for previously mentioned malicious app(s) and uninstall all of them.

If this failed, enter a random, 15 digit length, code of imaginary MoneyPak xpress Packed voucher that is asked by this android virus or follow these steps:

  • Go to Settings -> Security. Here, select Device administrators.
  • Here, look for previously mentioned malicious app(s) and uncheck it
  • In order to finish the removal of FBI Android virus, select Deactivate and OK.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove FBI Green Dot Moneypak virus, follow these steps:

Remove FBI Green Dot Moneypak using Safe Mode with Networking

To enable security software, enter Safe Mode with Networking using the following steps:

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove FBI Green Dot Moneypak

    Log in to your infected account and start the browser. Download ReimageIntego or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete FBI Green Dot Moneypak removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove FBI Green Dot Moneypak using System Restore

You can also get rid of FBI Green Dot MoneyPak virus by using System Restore:

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of FBI Green Dot Moneypak. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with ReimageIntego and make sure that FBI Green Dot Moneypak removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from FBI Green Dot Moneypak and other ransomwares, use a reputable anti-spyware, such as ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes

Choose a proper web browser and improve your safety with a VPN tool

Online spying has got momentum in recent years and people are getting more and more interested in how to protect their privacy online. One of the basic means to add a layer of security – choose the most private and secure web browser. Although web browsers can't grant full privacy protection and security, some of them are much better at sandboxing, HTTPS upgrading, active content blocking, tracking blocking, phishing protection, and similar privacy-oriented features. However, if you want true anonymity, we suggest you employ a powerful Private Internet Access VPN – it can encrypt all the traffic that comes and goes out of your computer, preventing tracking completely.


Lost your files? Use data recovery software

While some files located on any computer are replaceable or useless, others can be extremely valuable. Family photos, work documents, school projects – these are types of files that we don't want to lose. Unfortunately, there are many ways how unexpected data loss can occur: power cuts, Blue Screen of Death errors, hardware failures, crypto-malware attack, or even accidental deletion.

To ensure that all the files remain intact, you should prepare regular data backups. You can choose cloud-based or physical copies you could restore from later in case of a disaster. If your backups were lost as well or you never bothered to prepare any, Data Recovery Pro can be your only hope to retrieve your invaluable files.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Ugnius Kiguolis
About the company Esolutions

Removal guides in other languages

  1. Dale says:
    September 19th, 2012 at 10:31 am

    Malwarebytes fails to remove the virus. Any suggestions

  2. andy says:
    September 24th, 2012 at 9:58 am

    tuen off your internet connection , go to system restore go back a day before the virus and it should be gone

  3. TJ says:
    November 19th, 2012 at 12:43 pm

    I rebooted into safe mode with Windows 7 and did a system restore. I opened up Microsoft Security Essentials to find that the virus had been quarantined. I have since deleted those files, updated Security Essentials and ran a scan which showed no deteced items.

  4. Shantina says:
    September 25th, 2012 at 12:56 pm

    system restore will remove virus.

  5. Kelly says:
    November 1st, 2012 at 7:18 pm

    I removed the virus using system restore 5 days ago and its back. Now my system restore says there are no restore points.

  6. Thomas says:
    January 24th, 2013 at 3:42 pm

    It will also delete absolutely anything you have done inbetween the restore point and now. Fine for some people, but if you happen to save files that are creative in nature (stories, digital art, electronic music), or otherwise irreplacable (family pictures recently taken that you havent had a chance to copy, same for videos), then there is always a risk that you will delete these items.

    This is kind of like using a flamethrower to get a fly; yes, it will take care of the problem, but its also likely to destroy something that you want to keep.

  7. Dave says:
    September 25th, 2012 at 4:13 pm

    What should I do if I cant even get into safe mode? The only user account is the admin and thats whats infected so I cant run anything in a win os environment. Is there any options for a standalone bootable copy of something that will remove this or at least get me into windows?

  8. Brian says:
    December 23rd, 2012 at 8:23 am

    spam press F8 while your computer is booting up to access safemode with networking. This should allow you to run a security scan and look for further assitance on the web,

  9. Rick says:
    September 26th, 2012 at 9:36 am

    Boot into Safe Mode with Command Prompt, then type explorer.exe. You can run System Restore from there.

  10. rob says:
    September 27th, 2012 at 7:33 pm

    what if it wont let me log on in safe mode with command prompt. If i get to the log in screen it rejects every password? If i try safe mode with networking it accepts the password but then gives me a blank white screen with message “waiting for page to load”

  11. g says:
    December 24th, 2012 at 4:13 pm

    How did you fix the problem where every password is incorrect, and safe mode does not work? how to get fix it

  12. Zam says:
    December 14th, 2012 at 3:50 am

    Please, what is windows system32?

  13. Justin says:
    September 26th, 2012 at 3:49 pm

    I have the same problem as Dave…..

  14. rob says:
    September 27th, 2012 at 7:30 pm

    I have the same problem. It wont let me log in in safe mode or safe mode with command prompt

  15. doug says:
    September 28th, 2012 at 9:45 am

    Desktop computer wont boot in safe mode, get a blue screen and have to power off. It boots if disconnected from internet cable, but task manager and regedit doesnt work, is the computer shot?

  16. Mike says:
    September 30th, 2012 at 9:50 am

    You have to hit F8 while your computer is booting up. Then select reboot with command prompts. A bunch of Stuff will pop up but give it a few minutes and it will eventually change. Type in explorer.exe and it should boot up in safe mode. Then go to wherever your system restore is and go from there. System restore works and I did not download any malware or spyware stuff. Computer works fine.

  17. Jazz says:
    October 5th, 2012 at 7:26 am

    Thank you so much Mike. I was abt to spend $180 to have someone come out to fix my computer. Truly thank you.

  18. Chip says:
    October 7th, 2012 at 11:30 am

    Thanks for sharing your knowledge Mike. Worked like a charm.

  19. Bill says:
    November 13th, 2012 at 5:55 pm

    Thanks Mike worked for me also.

  20. Michael J says:
    January 22nd, 2013 at 12:10 pm

    Thanks so much Mike!!! It really worked thanks for sharing

  21. Purpleyeti says:
    April 7th, 2013 at 7:56 pm

    Thanks, if I could have your babies I would.

  22. Will says:
    October 1st, 2012 at 8:40 pm

    Mikes instructions worked great. Virus gone, everything working fine – no loss of data. Thanks!

  23. William says:
    October 2nd, 2012 at 12:06 pm

    Thank you Mike..Computer is back to the way it should be…WORKING…again THANK YOU!!!!!!!!!!!!!!

  24. Andrew says:
    October 2nd, 2012 at 3:21 pm

    Had a different version on this virus a few months ago and once in safe mode malwarebytes removed it and had no issues. This time around it has been unsuccessful but Im going to give spyhunter a shot. Glad to see there is more info about this than the last time I looked, Thanks!

  25. gus says:
    October 4th, 2012 at 10:15 am

    How do these bastards get away with this kind of stuff?

  26. sean says:
    October 4th, 2012 at 5:42 pm

    I just restored back 1 day before and the virus is still there.

  27. mdubb says:
    October 5th, 2012 at 2:28 pm

    I didnt have to turn off the wireless… I just cut off the computer turned it on. When asked I went to turn on the computer in “safe mode”. Then when the computer loaded I hit “f8”. typed in explorer.exe then. I went the start menu, typed in “restore”…went to system restore and the computer restored it to the last date I was on the computer and the virus is gone! thanks to Mike!

  28. Jamie says:
    October 8th, 2012 at 4:23 pm

    I dont have any system restore points, what should I do?

  29. Will says:
    October 8th, 2012 at 8:40 pm

    I have tried the system restore and its not working. Any other options

  30. justin says:
    October 11th, 2012 at 3:42 pm

    i revealed that YOOsecurity madr the virus so people would buy their anti virus if this gets heard spread the word!!!

  31. wilber says:
    October 11th, 2012 at 4:40 pm

    Hey thanks a lot for this useful information. I was able to get a full copy of Spy Hunter and bam no more F.B.I junk lol

    thanks a bunch.


  32. george says:
    October 11th, 2012 at 4:58 pm

    I Bburned cd spyhunter what neaxt 🙂

  33. tomi says:
    October 14th, 2012 at 1:03 pm

    Thanks mike! It works!

  34. matt says:
    October 14th, 2012 at 10:00 pm

    My comp. doesnt do ANYTHING if you press f8 while its booting… ?

  35. Bill says:
    November 13th, 2012 at 5:52 pm

    Press F8 repeatedly as it is booting

  36. Mia says:
    October 14th, 2012 at 10:50 pm

    Thanks Mike!!!! It worked!! So relieved and thankful to you for your help!!!!

  37. Matt says:
    October 14th, 2012 at 11:22 pm

    nvm i got it, now all i need to know is how to be sure you got rid of the virus for good

  38. zoe says:
    October 14th, 2012 at 11:27 pm

    After I put into safe mode and restart computer virus shows up and I cannot do any other instructions. What am I doing wrong?

  39. jimbo says:
    October 15th, 2012 at 2:28 pm

    I have discovered an easy way to remove the moneypak virus without scanning and without manually removing files. My computer has vista and a thing called system restore. After trying various scans, that didnt work, something clicked. My computer didnt have these virus files downloaded 2 days ago so I decided to use system restore to restore my computer to the state it was in 2 days ago. By doing this the computer itself will remove the virus, because the computer will remove all files that were downloaded from 2 days ago to present. Presto, that moneypak virus was gone like a rabbit in a hat. If I ever get any more viruses, malware, spyware, ransomwear, etc. I now have a way to get them off in seconds. I hope this saves alot of peoples hair from being pulled out.

  40. dell says:
    December 26th, 2012 at 8:18 pm

    Thank you so much for the excellent advise. With my Windows Vista I did exactly as you suggested and it seems to have worked. Scared the crap out of me initially, but glad I researched it on our family computer and found your advice. My Laptop and I thank you!

  41. Ric says:
    October 17th, 2012 at 3:02 pm

    Thanks for the great advices to all mentioned the system restore. I just did it last night on Window Vista and the nightmare is now over.
    Additional advice: F8 only needed to press ONCE right from reboot, otherwise you can never get into safe mode. Dont install SpyHunter unless you plan to buy it. After installing, it will only scan your system but not removing anything unless you register and pay $40.

  42. Ric says:
    October 17th, 2012 at 3:10 pm

    Another piece of advice from my experience last night. In case you cant find system restore shortcut from window safe mode like myself after entering explorer.exe, you can type in rstrui.exe at the prompt directly for system restore. Just wait for a minute and your computer will start rebooting.

  43. S Schwartz says:
    October 17th, 2012 at 9:04 pm

    Computer was restored to normal operation by restarting in safe-mode and removing the following files:

    wsidten.dll found in C:Documents and Settings***Local SettingsTemp
    ctfmon shortcut found in C:Documents and Settings***Start MenuProgramsStartup
    lsass.exe found in C:Documents and SettingsAll UsersApplication Data

    wsidten.dll and lsass.exe were replaced with 0 byte / read-only dummy files to prevent reinfection.
    Make dummy files by creating a new text document, rename it, and make it read-only.

  44. Dean says:
    October 17th, 2012 at 9:10 pm

    I did the Vista recovery, and it worked!!!! Went 5 days back. SWEET! Thanks everyone!!!!

  45. LEE says:
    October 18th, 2012 at 2:11 am

    I could not access to safety mode, only safety mode with prompt. on the prompt, put “rstrui.exe” then enter, enter…. then it was auotmatically restored and romoved.

  46. Parker says:
    October 18th, 2012 at 3:59 am

    That helped thanks

  47. mike says:
    October 18th, 2012 at 8:59 am

    any ideas if you have no restore points for a system restore?

  48. mike says:
    October 18th, 2012 at 9:08 am

    SpyHunter, Malwarebytes and sytem restore not working for me.

    SpyHunter requires an internet connection to install. FBI virus has disabled network so I cannot install it. Also, Malwarebytes does ot work (even with a manual update of virus definitions). No restore points.

  49. Ray says:
    October 18th, 2012 at 5:16 pm

    System restore worked for me after placing in safe mode. I restored to settings 2 days prior. What a relief. This is a nasty virus.

  50. Tom says:
    October 18th, 2012 at 5:48 pm

    I have been trying to get rid of this virus and several others for days. Get blu screen of death and pc only will stay up for a few minutes before going to blue screen I was able to get the command prompt in safe mode and I typed explorer.exe but after that it wouldnt take me to restore point or I dont know where to find it . I was able to open my computer and run malware bytes scan tool. But it didnt find anything ? Im about redy to toss this bleeping thing. Please help a nubie. How do you find restore points etc. thanks in advance. Tom
    I have a program called combofix someone told me to run but Im afraid to since my pc only stays up for 2 or 3 min until blue screen pops up.

  51. ken C says:
    October 20th, 2012 at 4:01 pm

    System Restore worked like a charm!

  52. Kevin says:
    October 22nd, 2012 at 7:26 pm

    Thanks Mike, worked for me too. Just a note about System Restore; it could take some time, mine took about 1 hour 25 minutes as the Java applet churned. There is no percentage countdown or other status bar visual indicator. Patience required. Once done it will reboot. Im on Win7 and went back 5 days to the Restore point. I had no system changes in the 5 day span other than McAfee Internet Security (laugh) and Windows updates.

  53. Ryan says:
    October 23rd, 2012 at 11:12 pm

    I booted up in safe mode then went to administrator to do a system restore. I only restored it 1 week earlier, maybe took 5 minutes and when my laptop rebooted the virus was gone.

  54. Hector says:
    October 29th, 2012 at 11:19 pm

    I love you mike fixing this virus make me change my study field to computer since thank you so much mike I can sleep good tonigh

  55. Aim says:
    October 30th, 2012 at 9:00 pm

    Mike….you are a genius…thank you so much!

  56. Mario says:
    October 31st, 2012 at 12:12 am

    I had the FBI Green Dot virus and could not find anything unusual in the regedit area or registry area. I went to WINDOWS EXPLORER and did a *.exe search (with a date modifier set to today) to find the problem. The file name was something like unph???.exe I hope this helps someone.

  57. Dan says:
    November 2nd, 2012 at 2:36 pm

    I was fortunate enough to have had another account on my vista so I used that to create another administrative account. Once I did that I I started in safe mode and made copies of files pics ect. then just deleted the original administrative account. Virus was blown into the virtual cosmos! Have had no problem since =)

  58. Mickr says:
    November 4th, 2012 at 9:20 am

    Hi, When I try Safe Mode I can only use safe Mode With Networking as Safe Mode does not allow a domain to be specified which my logon requires. When I use safe Mode With Networking as soon as the computer logons on it locks with a white screen. There is no possibility to type a CMD command or try access Ststem restore. Any suggestion splease on what I can do here?

  59. Sue says:
    November 6th, 2012 at 7:54 am

    Ive been attempting Restores (yesterday, last week, last month)…each time Im being told “Your computer cannot be restored to: xxx (date), No changes have been made to your computer”. Any other suggestions for a novice PC person?

  60. DB says:
    November 17th, 2012 at 1:20 pm

    When I enter Safe Mode, the GreenDot screen still shows up. How can I restore?

  61. Dave says:
    November 18th, 2012 at 1:24 pm

    When i try to get on Safe mode or Safe mode with command prompt i get the BSOD (blue screen of death). Any suggestions?

  62. Kris says:
    November 21st, 2012 at 12:08 am

    I keep trying to do a restore and it keeps failing. Any suggestions?

  63. steve says:
    November 24th, 2012 at 8:52 am

    my pc is infected and I cant seem to boot in safe mode. what should i do?

    Win 7
    i unplugged internet connection
    rebooted kept hitting f8 but cantt get to safe mode option.

  64. needtoknow says:
    December 6th, 2012 at 12:50 am

    thankfully i got my network back up enough to find this website. Almost gave in i made it as far as buying the card but i found out about the virus through this site and the info mike gave help me fix the issue. thank you

  65. needtoknow says:
    December 6th, 2012 at 12:54 am

    rebot in safe mode with prompt, then type explorer.exe, should look old school, go to control panel and do a system restore. should do the trick by the way info is care of mike mentioned earlier in post

  66. Mahi says:
    February 23rd, 2013 at 6:47 pm

    If you are able to get into your pc and try to go to (for Win 7)
    C:ProgramData and see if you can find unusual file. These are random named files. Click on Date Modified and check anything added recently and delete them.

  67. Nikil says:
    November 27th, 2012 at 5:47 am

    Additional Resources:

  68. Phil says:
    December 12th, 2012 at 7:40 am

    No system restore points…which is odd. What now?

  69. Zam says:
    December 14th, 2012 at 5:04 am

    Please, how can i do?
    I cant run by safe mode and networking.
    Please, some one..

  70. Geary says:
    December 14th, 2012 at 9:54 am

    Followed everyones directions, was able to get to the restore point from this summer, and restored to there. THANKS to all of you!

  71. Daniel says:
    December 17th, 2012 at 12:34 pm

    i went to “safe mode with networking” enter, goes to next screen will not do anything. black screen. what do i do next. want to make sure virus off and computer clean before getting on job network..

  72. nick says:
    December 21st, 2012 at 10:15 pm

    Why such kind of nonsense is happening in my pc..your steps helped me to remove Guard Pro fake virus.thanks guys..

    Provide me information to know how i will be able to know that my system get infected once again by same virus???

  73. J. says:
    December 22nd, 2012 at 7:29 pm

    I kept getting the blue screen of death when I tried to enter safe mode. Worked for about 3 hours with no luck. Finally, I disconnected the internet cable and loaded windows normally. IT WORKED!!! I then did a system restore to a few days ago, and everything is working great. DISCONNECT THE INTERNET CABLE!

  74. albert davis says:
    December 23rd, 2012 at 2:55 pm

    i albert davis is report money pak to the b.b.b. it is a scams day got me for 300.00 get the virus off my computer i albert ask to remove all virus scams off my computer so i can e mail and get e mail money pak is blocking my e mail facebook my unmaem and password unlock my computer report to the f.b.i. can i will call the b.b.b. remove all viaus and scams .

  75. Charlie says:
    December 24th, 2012 at 10:59 am

    Thanks to all for comments. Did a system restore to two days prior and seems to have completely resolved the issue. Id like to find and castrate these dirty rat bastards.

  76. Gary says:
    December 24th, 2012 at 1:38 pm

    I too got hit with this nasty virus. No luck removing it yet. I have XP. Ive tried safe mode, safemode with networking, and command prompt. Every combination brings me to the the virus screen. Ive tried to log in as user and admin. Same thing. Is there something I can run externally to get around this? I have USB drives available. Thanks in advance.

  77. Gary says:
    December 24th, 2012 at 2:09 pm

    UPDATE I was able to get in using command prompt with networking. I quickly typed explorer.exe and my restore window showed up. Restored successfully to last week. Windows now starts normally and my desktop appears. Im running a malwarebytes scan. Im not connected to the internet yet. Im wondering if there are other tools I should use before I claim victory over this virus. Thanks again!

  78. Marissa says:
    December 27th, 2012 at 2:18 pm

    Mine said Im a pedophile. I thought it was real for a second, because my friend showed me this nasty picture once.. but now I know its not. They could see me on the webcam. Why would an 18 yr old girl be a pedophile?

  79. Mark says:
    December 28th, 2012 at 2:19 pm

    I have XP. I cannot get into safe mode. I tried all 3 safe modes numerous times – regular safe, safe with networking and safe with command. They all kick right back to the page after 20-30 seconds.

  80. JD says:
    December 31st, 2012 at 2:14 pm

    Windows XP. System Restore not working. All safe modes are disabled. Got the virus on Christmas Day. Need to manually remove through search. Please list specific files if possible. Thanks in advance.

  81. blah says:
    January 5th, 2013 at 6:56 am

    Has anyone else recieved a random phone call from an unknown number? The person on the other line is saying I have a virus and he can help me remove it. As I had this virus the other week, I have since removed it and nothing has happened. Until I got that phone call this morning. Does anyone have any other information?

  82. hodo says:
    January 12th, 2013 at 12:49 am

    yes i did. i was told by the guy i had a virus and he needed to remove it and he could do it by remote control. He said the fee would depend on the problem. the problem was i let him take remote control of my pc and he moved everything so fast i couldnt follow him. then he said the fee would be 175 dollars. i told him to go suck eggs and then he said he would accept 75 so i (thinking this was a good deal) paid the rotton rat. little did i know while he had remote access he installed some nasty virus and some malware (and i accualy paid him for it). they will not stop. once they get your phone number they might wait 3 months and call back saying you have won a lottery, you need to send .001% of the winnings for processing. .001% of the supposed winnings of 5 million was 5000 bucks. I knew there was no way any sweepstake or lottery (especially since i didnt enter any) would make you pay for any winning. & i was right!

  83. rob says:
    January 14th, 2013 at 1:39 am

    CHECK: In safe mode with command prompt
    CHECK: I typed explorer.exe
    However, it still takes me to the virus before I get to Control Panel. Ideas?

  84. DAVE says:
    January 14th, 2013 at 4:15 pm

    TO MIKE,
    Thanks for the info.did the c/prompt and restore to a couple a days ago and ran m-bytes.picked up 39 viruses and got rid of em.machine is working fine now.THANKS Again!

  85. Jim says:
    January 15th, 2013 at 1:43 pm

    Ok, most of you are not getting to the issue here.
    I have windows vista home
    I have no way to get to any safe mode options, none, I CAN NOT GET TO SAFE MODE.
    The reason I wrote in caps was not to offend, but to get you to understand that there is no safe mode. I can boot from each option in the F8 menu, but when the system boots there is that annoying warning preventing me from doing anything. I do not have a second account, it is my computer. So, to sum this up, no safe mode, no command prompt, still have virus.

  86. Jim says:
    January 16th, 2013 at 3:37 pm

    Ok, kiddies I have removed the virus even though I was not able to get to safe mode or to a command prompt. This is what I did, I am not sure if your options are identical so please review this before you start.
    Restart computer and press F8 to get to the start up options,
    Select repair and enter,
    select os to repair,
    select user account to repair,
    when system recover options menu comes up select System Restore and go to the first option before FBI green dot. Let the system continue until all is finished. Worked for me, I hope it works for you.

  87. Ilan says:
    January 20th, 2013 at 10:45 am

    Dale, Malwarebytes did remove it for me I guess you need to update! thank you guys. I boot my laptop with command promt in safe mode and typed in “explorer.exe” as Rick has suggested and boy I was saw happy to see my start menue. (thank you rick!) then I ran Malwarebytes in fast scan detected 23 red ones and then performed full scan and found 4 more. about system restore it is not enough it will come back scan and remove this nasty program has lost of trojans !

  88. Paul says:
    January 21st, 2013 at 10:51 pm

    Do a system restore, the run a quality virus program. Then find the idiot who wastes his him writing these viruses and punch him in the face.

  89. Jill says:
    January 27th, 2013 at 5:25 pm

    My dad has this virus, safe mode is llocked, as soon as he tries to get into it, it boots him back into windows. Disconnecting the internet hasnt helped either. Any suggestions?

  90. Jill says:
    January 27th, 2013 at 5:26 pm

    oh, and i forgot, its the only account on the pc.

  91. Mahi says:
    February 23rd, 2013 at 6:41 pm

    If are able to get into your pc and try to go to (for Win 7)
    C:ProgramData and see if you can find unusual file. These are random named files. Click on Date Modified and check anything added recently and delete them.

  92. bill says:
    February 18th, 2013 at 12:29 pm

    Best to spend the money and have a computer store remove it. Restore loses a lot of data. Friend of mine has it and he is shut down with many grants written to be sent asap, restore will lose all that work. He watches porn, best advice, dont go to porn sites.

  93. mark. says:
    February 26th, 2013 at 10:34 pm

    you can also bypass this thing by logging in as guest. if you dont have it. start in safe mode and add guest user . you can do this by ( while in safe mode) opening control panel, open administrative tools, manage another account , turn on guest accounts. trying to do a restore point while logged in at safe mode (as administrator) would automaticaly shut down . or even search for any of the files or processes. would result in auto shut down also. so go in as guest and do what ya need to -restore to previous point , download maleware ….etc.

  94. chako says:
    May 26th, 2013 at 9:20 pm

    Thanks a lot it worked………………..

  95. Elise says:
    June 11th, 2013 at 8:45 am

    Prior to reading this forum, I had attempted to boot up my computer in plain safe mode, and now when I turn on my computer, my screen is completely black. I tried pressing F8 (repeatedly) as soon as I turn my computer on but nothing happens. My computer just sits powered on with a black screen. Any suggestions? Am I totally screwed now?

  96. ben says:
    July 28th, 2013 at 5:50 pm

    To anyone that knows the answer i got a similar virus but was using campus pc on network. I just hit the power button on and off and everything worked it seemed ok. Is it gone?

  97. Justin says:
    August 6th, 2013 at 9:36 pm

    Have tried about everything and cant get in my computer in any mode before the virus pops up. Does anyone know a fix for this without being able to open windows?

  98. Irish says:
    September 3rd, 2013 at 8:53 pm

    I dont know what I did. however I wrote the directions down for several ideas. Lo and worked! So thank you all for your help. You all rock! And if I could remember how I did it. I would tell you. I believe it was mostly what John had to say. Whatever, it worked. Thank you!!!

  99. Mark says:
    November 8th, 2013 at 2:41 pm

    I have the virus that locks the computer stating it is from “THE DEPARTMENT OF JUSTICE” demanding $300.00 from Money pak. I restarted my computer, tapped F8 clicked on Safe Mode Command Prompt but the same message came up again. How do I get into my desk top computer to make repairs if this keeps coming up blocking me?

  100. Isaac says:
    June 2nd, 2014 at 10:48 pm

    Ive just got this virus today but its on my samsung galaxy note 10.1 2014 edition. running android 4.4.2 and cant find any help on how to remove it

  101. jessie says:
    July 2nd, 2014 at 8:09 am

    How do u remove it from an android phone?????????

  102. jessie says:
    July 2nd, 2014 at 8:11 am

    I am trying to remove this virus from my phone but have no luck. Any suggestions?

  103. Michael Brinson says:
    July 28th, 2014 at 11:28 pm

    cant remove FBI money pac virus from my galaxy s5

  104. John says:
    December 9th, 2014 at 5:43 am

    I just did a factory reset. (hard reset holding down the volume key the side button on the right and the bottom button on the face of the phone close) follow the prompts. In your phone and go to factory reset and youre going to lose everything that you downloaded but youll find it in your Google Play and backups and then I reformat the SD card havent had a problem since

  105. mike says:
    August 23rd, 2014 at 8:45 pm

    that all sounds good but lets not make it to hard for people who don’t know computers unplug your internet restart your computer no internet it wont lock it up you will boot like always run your spywear programs cc cleaner spybot search and destroy or advance system care that will kill it turn your computer off plug in youe internet and away you go the bad thing is if you don’t have these cleaners or some sort of cleaner then you do need to do a format and clean install so un plug internet clean it and restart hope this helps and malwarebytes is great

  106. JoJo says:
    January 12th, 2015 at 9:35 am

    Next time you will pay extra for a Macbook computer or Mac Desktop. This type of shit never happens.

  107. Danielle says:
    January 27th, 2015 at 12:13 am

    My 6 yr old daughters Kindle now has this virus. How do you get rid of the virus if its on a Kindle?

Your opinion regarding FBI Green Dot Moneypak Virus