FBI Cybercrime Division virus is a dangerous ransomware that locks computer systems and scares computer users accusing them for violating law. It targets computer users in USA and is a version of of FBI Moneypak virus. The program uses the name of FBI to gain some trust from the users and make its job much easier. The difference is that Cybercrime Division virus references specific branch of FBI rather than the whole organisation. Even if they both operate the same, this allows to distinguish between the trojans used for this infection and remove it faster and easier.
Basically, the FBI Cybercrime Division ransomware displays a message on your computer’s screen saying that you have violated Copyright and Related Rights Law (Video, Music, Software) and illegally used or distributed copyrighted content. FBI Cybercrime Division virus does not allow to run any of your programs and completely locks the system so you couldn’t do anything on your computer.
The ransomware tells that you must pay a fine of 300 dollars in order to unblock your system and fix this situation. It gives you 7 days to do that and it promises to unblock your computer within 72 hours. In fact, FBI Cybercrime Division virus only seeks to get money from you. No official institution would be asking to pay any fines using pre-paid cards and this one uses MoneyPak payment system for this purpose.
FBI Cybercrime Division won’t be mentioned outside USA and other organisation name will be used. This depends from the exact version of the parasite.
You should never trust it and remove FBI Cybercrime Division virus from your computer as soon as you can. Below you will find our recommended removal instructions which will help to eliminate this ransomware for good.
2 large groups of ransomware trojans use CyberCrime Division virus names: Reveton and Usausy. If Mediant name is used, it is typically the second trojan. Reveton can be easily removed by disabling startup entry from safe mode usually. Urausy is a bit more difficult to remove. If the first removal procedure fails, try the second one
- Restart your computer, press F8 while it is restarting.
- Choose safe mode with networking.
- Launch MSConfig.
- Disable startup items rundll32 turning on any application from Application Data.
- Restart your computer again.
- Scan with https://www.2-viruses.com/downloads/spyhunter-i.exe to find the file and remove it. Here is a video guide, showing how to do all the steps:
If you cannot use Safe Mode, try rebooting into safe mode with command prompt. Here is a tutorial how to delete FBI Cybercrime Division virus using this approach:
- Reboot into safe mode with command prompt. FBI Cybercrime Division virus should not be launched this time.
- Run regedit. Search for Winlogon.
- There will be a key labeled Shell under Winlogon. It should refer to Explorer.exe or be blank. If there is something else referring an executable in one of users folders, replace it with explorer.exe.
- Save changes, reboot to safe mode with networking.
- Run msconfig and disable all unnecessary startup entries. You should be able to reboot normally.
- Install and run https://www.2-viruses.com/downloads/spyhunter-i.exe. Scan with it the PC and delete FBI Cybercrime Division virus executables it finds.
Here is a video guide illustrating this virus removal method:
Note, that even if each safe mode is blocked and you can not access other user account and run Anti-Malware program scan from there, there is still a chance to clean the PC from this infection. We recommend either using Bootable antivirus CD/USB disk and scanning with it or calling +1-888-334-2444 (USA / CA ) for help.
Automatic Malware removal tools