How to remove FBI ransomware
FBI Ransomware is an aggressive scam that has been spreading on the Internet under the title of The FBI Federal Bureau Investigation. It’s an alert claiming that your PC is blocked due to several reasons. For example, violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, viewing or distributing prohibited Pornographic content and similar things. It also claim that your computer is infected by malware, which is a result of violating the law on neglectful use of personal computer. The ransomware will use generic sentences without providing exact reason for blocking your PC, though it would try to scare you with prison sentence.
Basically, you will have your system completely locked so you will not be able to perform any tasks there. At this stage it’s quite easy for the computer hackers to gain some money from you as you are not able to do anything. What FBI ransomware does is stating that you must pay the fine through MoneyPak of $100 or $200 (depending from version) in order to unblock your computer. It also says that when you pay the fine, your PC will get unblocked in 1 to 48 hours after the money is put into the State’s account. Easy as that computer hackers are collecting from $100 to $200 from each victim. The money is collected using MoneyPak or PaySafe pre-paid cards. Thus it is obvious that FBI Ransomware is a scam. You have to know that this malware is created just to scare you and to rip you off. The only way to stop this annoying alert is to remove the parasite, and it is still possible despite your PC being locked.
Note: If you can access another user from the infected PC, download Spyhunter on that account, launch it (if you need, run it as infected administrative user). Perform a full scan. This is by far the easiest way to remove FBI Ransomware without any data loss. Another trick is to pull out the network cable while PC is booting and pull it in couple minutes after the startup to download anti-malware programs. If you can’t access another account, follow the guide bellow or call +1-888-334-2444 (USA / CA ) for assistance.
Versions of FBI Ransomware and their removal
There are multiple versions of FBI ransomware, all with similar design. Some can be recognized from misspellings : Federal Bureau Investigation virus (lack of “of”), FBI Online Agent, etc. Others can not be distinguished that easily as use same text and layout. There are more than 10 different families of trojans behind this scam.
For practical purposes the difference is in the way FBI Ransomware launches and which system functions it disables. This is enough to find the most suitable way to get rid of them.
- Type 1: Versions, that do not launch in safe mode and safe mode with networking.
- Type 2. Versions that do not launch in safe mode with command prompt, but launches or show blank screen in other modes. Typically, launch at once after you log in without larger delay.
- Type 3. Versions, that disable all safe modes.
If you can’t access another user account to run anti-malware programs, use this guide to remove first type of FBI ransomware:
- Reboot and press F8 while PC is booting
- Choose safe mode with networking
- Launch MSConfig
- Disable startup items rundll32 launching something from Application Data. Optionally, disable everything you do not recognize.
- Reboot. FBI ransomware should not load.
- Download http://www.2-viruses.com/downloads/spyhunter-i.exe and scan your PC.
For the second type of FBI Ransomware, this guide will work :
- Reboot PC in safe mode with command prompt. This should allow overcome all versions of FBI Ransomware
- Run Regedit
- Search for WinLogon Entries. write down all files it references that are not explorer.exe or blank. Replace them with explorer.exe
- Search registry for these files and delete the registry keys referencing the files
- Try to reboot and scan with Spyhunter.
If everything fails, you have 3rd type of FBI scam. Then there are following options:
- Attach your PCs hard drive to another PC and do a full system scan with anti-malware programs.
- Use alternate OS scanner like Norton Power Eraser or similar
Automatic FBI ransomware removal tools
Manual FBI ransomware removal
Important Note: Although it is possible to manually remove FBI ransomware, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyhunter or other tools found on 2-viruses.com.
It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other FBI ransomware infected files and get help in FBI ransomware removal by using Spyhunter scanner.