Federal Bureau Investigation virus - How to remove

Federal Bureau Investigation virus

Federal Bureau Investigation virus is a sneaky malware that infects random computer systems through security vulnerabilities or distributed through spam mails or fake torrent files. It is very important to use secure browsers and use latest versions of Java to prevent such infections from happening. Once inside, the virus completely locks your system and only displays one message telling that you have been violating the Copyright and Related Rights Law and illegally using or distributing copyrighted content. Here’s a part of the message that you will receive if you get infected by Federal Bureau Investigation virus:

FEDERAL BUREAU INVESTIGATION

ATTENTION!

Your PC is blocked due to at least one of the reasons specified below.

You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article I, Section 8, Clause 8, also known as the Copyright of the Criminal Code of the United States of America.

Article I, Section 8, Clause 8 of the Criminal Code provides for a fine of two to five hundred minimal wages of a deprivation of liberty for two to eight years.

You have been viewing or distributing prohibited Pornographic content (Child Porno/Zoofilia and etc.). thus violating article 202 of the Criminal Code of the United States of America. Article 202 of the Criminal Code provides to a depravation of liberty for four to twelve years.

The message looks really scary as it tells what laws you have violated, mentions the article, section and clause. The interface looks very legitimate as well. The message claims that you have to pay a fine of $200 in order to get your computer unblocked. However, No institution would lock your PC and ask you to pay fines. Federal Bureau Investigation virus is a scam and you should not trust these messages.

We have seen this type of viruses already, so it’s clear that Federal Bureau Investigation is just one more version of the threats that use a name of FBI to look more legitimate and get money from random computer users by scaring them. You may have already heard about FBI ransomware, Police Central e-Crime Unit ransomware, FBI Moneypak virus and others. Do not get tricked by Federal Bureau Investigation virus. All these programs are very dangerous and they must be removed as soon as possible.

In order to remove Federal Bureau Investigation virus, follow the steps below:

  1. Reboot and press F8 while PC is booting
  2. Choose safe mode with networking
  3. Launch MSConfig
  4. Disable startup items rundll32 launching something from Application Data
  5. Reboot. FBI ransomware should not load.
  6. Download https://www.2-viruses.com/downloads/spyhunter-i.exe and scan your PC.

If that doesn’t work try the folowing steps:

  1. Reboot, and launch task manager (CTRL+SHIFT+ESC ) while your programs are loading. It should run under YOUR user permissions, not system.
  2. Kill malware process using task manager in process tab.
  3. Download and scan with https://www.2-viruses.com/downloads/spyhunter-i.exe , Hitman Pro or spyhunter.

Automatic Malware removal tools

Download Spyhunter for Malware detection
(Win)

Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,

Download Combo Cleaner for Malware detection
(Mac)

Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,

Manual removal

16 responses to “Federal Bureau Investigation virus

  1. I couldn’t find that DLL or anything under App Data, so i disabled they entire start up as followed on the first step. Rebooted and it didn’t come up. Just incase if anyone else has this problem. Now running an anti-virus by AVG. Then next i’m spyhunting the sucker!

  2. I didn’t do any of that I just unhooked my internet connection which if you do it will not pop up then I restored my computer to and earlier date, has anyone done this if so tell me if it came back, this was the best and fastes way for me

  3. I use a computer program call spybot search and destroy. That program is a pretty good one anything bad on your computer that shouldn’t be there the program will fix it.

  4. I trued to reboot my computer by pressing restart then f8 but nothing popped up except the virus.I’m not sure if I need to shit the computer down then try everything again?

  5. paul: You either pressed F8 in from moment, or ransomware disabled safe mode (you would see a message that safe mode is disabled).
    If you can’t get in safe mode, burn a Norton Power Eraser CD and boot PC from it. Do a scan.

  6. Linus : Worst case – use alternate OS scanners from CD/DVD. You will have to burn them on non-infected PC, and later boot the infected one from one of these. Norton Power Eraser, Avira Boot CD, Kaspersky Rescue disk, etc

  7. Removed it in safe mode a few days ago with spybot search and destroy.
    Last night it was back !
    Even in safe mode,with or without networking and modem disconnected,it keeps popping up.
    Giedrius,I hope your advice, booting from rescue cd ,is going to work.
    Thanks in advance.

  8. Werner: it is different trojan this time, so Spybot missed a trojan downloader or you got reinfected. Spybot is quite inefficient with its checks in my opinion, I recommend it against PUPs / Adware mostly usually, where it is quite OK.

  9. i tried doing it myself by press f8 that worked but when I tried to do the windows r it would log off and restart in about two seconds I was not able to fix the problem does anyone have a solution for me?

  10. If the steps in this article above do not work, run a system restore to factory settings. This will wipe your entire hardrive, and require you to create a new user. If the computer asks you to back up your files, don’t do it, even if you have important files in there, the virus can and very likely will infect one of the files you backed up and you will have the same problem. Be sure to start up your computer and do not set up wirless untill you are 100% sure that the virus is no longer on your computer. Do this on Windows XP or higher operating system, for Mac and Linux, I have no idea about how to do it on those. This worked 100% and rid the computer of the virus.

  11. In windows 7 I just use ” control,alt,delete” to start the Task Manager. Select the applications button and the virus is listed. Right click the virus and click “end” in popup menu.
    I have run a virus scan afterwards but never find anything. Works for all similar virus that lock your screen.

Leave a Reply

Your email address will not be published. Required fields are marked *