FBI Virus

What is FBI Virus?

If you have following the computer security news you probably know that FBI Virus has been one of the most prominent infections in 2012. Consequently, it does not seem to give up the position in 2013 as well. There is a great number of FBI Virus versions, all localized for a particular country and distributed by a number of Trojans, including Trojan.Urausy, Trojan.Reveton, Trojan.Revoyem and a list of others. FBI Virus in general is a ransomware program which locks down your computer, and then displays a fraudulent screen-sized notification which is supposed to convince the terrified computer user that he has been involved in criminal activity.

testtesttesttest 100% FREE spyware scan and
tested removal of FBI Virus*

Where does FBI Virus come from?

Considering that almost all versions of FBI Virus are distributed by Trojan infections, it is very likely that you got infected with malware prior to the computer lock out. FBI Virus belongs to a ransomware group called Ukash Virus family, and these infections have different distribution channels.

For example, some versions of FBI Virus might be distributed via pornography websites, with malicious links embedded in flash advertisements. Clicking on such an advertisement, results in ransomware infection. Some types of ransomware programs might also be distributed by a rootkit, which is even more dangerous to your system, as rootkit removal is highly complicated.

The point is that you need to employ safe web browsing in order to avoid FBI Virus, but in case you have gotten infected already, you need to tell the threat apart from an official FBI message.

What are the versions of FBI Virus?

There is one thing in common among all FBI Virus versions – this infection denies desktop access and requires you to pay a designated fine in order to “avoid” criminal charges. Needless to say, that these claims are false and the scam has been devised to swindle you out of your money, but here are some different versions of FBI Virus and how to tell them apart:

FBI Virus – this ransomware infection requires users to pay a 200$ fine via greendot MoneyPak in order to unlock the computer. Just like many other ransomware programs, this staple example of malicious scam, gives you 72 hours to pay up, and then it threatens that the FBI will initiated a criminal case against you automatically for violating Copyright and Related Rights Law.

FBI Cybercrime Division virus – it is yet another ransomware infection that pretends to be a legal representative of the FBI cybercrime division, and that infects even users outside the United States. It is distributed by Devdar botnet and this infection claims that all of your data has been encrypted. Once again, it asks you to pay a $200 fine via MoneyPak to restore your desktop access.

FBI PayPal Virus – this infection makes use not only of the FBI name; it involves the legal payment system PayPal as well. Rather than asking you to transfer the money ($100 in this case) via Moneypak like the most of Ukash infections, FBI PayPal Virus presents PayPal as the system that is supposed to be use for fine payment. Needless to say, that the ransomware requirements cannot be met.

FBI MoneyPak Redirect Virus –the staple infection that basically started the entire Ukash virus invasion. Notoriously, it presents a screen-sized notification that claims you have been involved in illegal distribution of copyright content, and therefore you must pay a $100 fine via MoneyPak within 48 hours if you wish to avoid criminal charges. Once again, the accusations are absolutely void.

FBI Ultimate Game Card Virus – this ransomware infection presents yet another “financial partner” that is supposed to help the FBI collect various fines for your criminal activity. The penalty required by FBI Ultimate Game Card Virus is that of $100, and you are told to transfer the money via Ultimate Game Card. Should the procedure be successful, your computer will be unblocked automatically. Naturally, such claims are absolute lies.

Urausy FBI Moneypak Virus – the difference between this infection and FBI MoneyPak Virus is that Urausy FBI Moneypak Virus is distributed by Urausy Trojan. There is a great number of infections distributed by Urausy Trojan, and all of them impersonate local law enforcement authorities. This threat also requires users to transfer a $200 fine via MoneyPak, claiming that it is the only way to unlock their computers.

FBI Anti Piracy Warning Virus – this infection has been detected in October 2012. It pretends to be certified by McAfee security alliance, pushes the user to send $200 via MoneyPak. According to the infection, the computer has been locked because of illegal downloaded material. Unlike other Ukash infections, this one does not try to convince users that they have been involved in pornography distribution.

The ICE Cyber Crime Center – ICE Virus – although this infection does not have the word “FBI” in its name, it is still the same type of infection that locks your desktop and demands a ransom payment. This time it pretends to be a legal representative of the ICE Cyber Crimes Center. The infection is distributed by Reveton Trojan, and it claims that the release fee is $400. Although it seems that you have only 48 hours to pay up, but you should not mind that.

Interpol Virus – this ransomware infection infects users in various countries and therefore the fine varies from $300 to €300. The money transfer systems are also different, ranging from Greendot MoneyPak to CashU. The users have to be aware that Interpol does not lock up their systems and it cannot require paying fines from non-existent crimes. Therefore, Interpol Virus claims must be ignored.

How to remove FBI Virus?

The most important thing to realize when you get infected with ransomware is that paying is not an option, and you will literally be robbed if you transfer the “fine” via Moneypak or any other alternative payment service. You need to take control of your system, and in order to remove FBI Virus you must unlock your screen. Here you will find the instructions on how to unlock the PC, and once you have your desktop back, invest in a reliable antimalware program that will terminate FBI Virus automatically. Keep in mind, that there might be other dangerous Trojans lurking in your system, so it is important that you run a full PC scan and delete all the detected threats immediately.

How to restore desktop access

Windows 8

  1. Press Windows key and metro GUI will open.
  2. Click the built-in Internet Explorer tile.
  3. Type http://www.anti-spyware-101.com/download-sph into the address bar and hit Enter.
  4. Click Run on the download dialog box and install SpyHunter.
  5. Run a full system scan.

Windows Vista & Windows 7

  1. Restart the PC and tap F8 repeatedly until Advanced Boot Options menu shows up.
  2. Use arrow keys to navigate and select Safe Mode with Networking. Press Enter.
  3. Access http://www.anti-spyware-101.com/spyhunter and download SpyHunter.
  4. Install the program and scan your PC.

Windows XP

  1. Follow the steps 1 and 2 above.
  2. Click Yes on Confirmation box.
  3. Download SpyHunter.
  4. Open Start menu and launch Run.
  5. Enter “msconfig” into Open box and click OK.
  6. Select Startup tab on System Configuration Utility.
  7. Click Disable all and press OK.
  8. Reboot the PC in Normal Mode.
  9. Install SpyHunter and launch a full system scan.

Should you have any questions regarding FBI Virus or its removal, do not hesitate to leave a comment below.

100% FREE spyware scan and
tested removal of FBI Virus*


Leave a Comment

Enter the numbers in the box to the right *