Federal Bureau Investigation virus - How to remove?

 

What is Federal Bureau Investigation virus?

Federal Bureau Investigation virus is a sneaky malware that infects random computer systems through security vulnerabilities or distributed through spam mails or fake torrent files. It is very important to use secure browsers and use latest versions of Java to prevent such infections from happening. Once inside, the virus completely locks your system and only displays one message telling that you have been violating the Copyright and Related Rights Law and illegally using or distributing copyrighted content. Here’s a part of the message that you will receive if you get infected by Federal Bureau Investigation virus:

FEDERAL BUREAU INVESTIGATION

ATTENTION!

Your PC is blocked due to at least one of the reasons specified below.

You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article I, Section 8, Clause 8, also known as the Copyright of the Criminal Code of the United States of America.

Article I, Section 8, Clause 8 of the Criminal Code provides for a fine of two to five hundred minimal wages of a deprivation of liberty for two to eight years.

You have been viewing or distributing prohibited Pornographic content (Child Porno/Zoofilia and etc.). thus violating article 202 of the Criminal Code of the United States of America. Article 202 of the Criminal Code provides to a depravation of liberty for four to twelve years.

The message looks really scary as it tells what laws you have violated, mentions the article, section and clause. The interface looks very legitimate as well. The message claims that you have to pay a fine of $200 in order to get your computer unblocked. However, No institution would lock your PC and ask you to pay fines. Federal Bureau Investigation virus is a scam and you should not trust these messages.

We have seen this type of viruses already, so it’s clear that Federal Bureau Investigation is just one more version of the threats that use a name of FBI to look more legitimate and get money from random computer users by scaring them. You may have already heard about FBI ransomware, Police Central e-Crime Unit ransomware, FBI Moneypak virus and others. Do not get tricked by Federal Bureau Investigation virus. All these programs are very dangerous and they must be removed as soon as possible.

In order to remove Federal Bureau Investigation virus, follow the steps below:

  1. Reboot and press F8 while PC is booting
  2. Choose safe mode with networking
  3. Launch MSConfig
  4. Disable startup items rundll32 launching something from Application Data
  5. Reboot. FBI ransomware should not load.
  6. Download http://www.2-viruses.com/downloads/spyhunter-i.exe and scan your PC.

If that doesn’t work try the folowing steps:

  1. Reboot, and launch task manager (CTRL+SHIFT+ESC ) while your programs are loading. It should run under YOUR user permissions, not system.
  2. Kill malware process using task manager in process tab.
  3. Download and scan with http://www.2-viruses.com/downloads/spyhunter-i.exe , Hitman Pro or spyhunter.

 

Automatic Federal Bureau Investigation virus removal tools

 
  Download Spyhunter for Federal Bureau Investigation virus detectionNote: Spyhunter trial provides detection of parasite like Federal Bureau Investigation virus and assists in its removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.
 
 
 
* Support is performed by Callstream.
 
 

Manual Federal Bureau Investigation virus removal

 

Important Note: Although it is possible to manually remove Federal Bureau Investigation virus, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyhunter or other tools found on 2-viruses.com.

Processes:
Files:

It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Federal Bureau Investigation virus infected files and get help in Federal Bureau Investigation virus removal by using Spyhunter scanner. 

 

Federal Bureau Investigation virus screenshots

 
Federal-Bureau-Investigation-Virus
           
     

15 thoughts on “Federal Bureau Investigation virus

  1. Anonymous
     

    I couldn’t find that DLL or anything under App Data, so i disabled they entire start up as followed on the first step. Rebooted and it didn’t come up. Just incase if anyone else has this problem. Now running an anti-virus by AVG. Then next i’m spyhunting the sucker!

     
  2. Anonymous
     

    I didn’t do any of that I just unhooked my internet connection which if you do it will not pop up then I restored my computer to and earlier date, has anyone done this if so tell me if it came back, this was the best and fastes way for me

     
  3. Z
     

    check your registry, as well.

     
  4. Abdul
     

    I use a computer program call spybot search and destroy. That program is a pretty good one anything bad on your computer that shouldn’t be there the program will fix it.

     
  5. paul
     

    I trued to reboot my computer by pressing restart then f8 but nothing popped up except the virus.I’m not sure if I need to shit the computer down then try everything again?

     
    1. Giedrius Majauskas (admin)
       
       
      Post author

      paul: You either pressed F8 in from moment, or ransomware disabled safe mode (you would see a message that safe mode is disabled).
      If you can’t get in safe mode, burn a Norton Power Eraser CD and boot PC from it. Do a scan.

       
  6. Linus
     

    I Cant do anything?! No matter what, the screen pops up.. :(

     
    1. Giedrius Majauskas (admin)
       
       
      Post author

      Linus : Worst case – use alternate OS scanners from CD/DVD. You will have to burn them on non-infected PC, and later boot the infected one from one of these. Norton Power Eraser, Avira Boot CD, Kaspersky Rescue disk, etc

       
  7. Zam
     

    Is it really wok?
    I wanna do too!@Anonymous

     
  8. Werner
     

    Removed it in safe mode a few days ago with spybot search and destroy.
    Last night it was back !
    Even in safe mode,with or without networking and modem disconnected,it keeps popping up.
    Giedrius,I hope your advice, booting from rescue cd ,is going to work.
    Thanks in advance.

     
    1. Giedrius Majauskas (admin)
       
       
      Post author

      Werner: it is different trojan this time, so Spybot missed a trojan downloader or you got reinfected. Spybot is quite inefficient with its checks in my opinion, I recommend it against PUPs / Adware mostly usually, where it is quite OK.

       
  9. rich
     

    i tried doing it myself by press f8 that worked but when I tried to do the windows r it would log off and restart in about two seconds I was not able to fix the problem does anyone have a solution for me?

     
    1. Giedrius Majauskas (admin)
       
       
      Post author

      Rich: Try using Hitman pro kickstarter usb or Kaspersky rescue CD.

       
  10. Andrew Deitz
     

    If the steps in this article above do not work, run a system restore to factory settings. This will wipe your entire hardrive, and require you to create a new user. If the computer asks you to back up your files, don’t do it, even if you have important files in there, the virus can and very likely will infect one of the files you backed up and you will have the same problem. Be sure to start up your computer and do not set up wirless untill you are 100% sure that the virus is no longer on your computer. Do this on Windows XP or higher operating system, for Mac and Linux, I have no idea about how to do it on those. This worked 100% and rid the computer of the virus.

     
    1. Giedrius Majauskas (admin)
       
       
      Post author

      Andrew: It works only on laptops that have the restore partition.

       

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>