FBI Virus

What is FBI Virus?

FBI Virus is a ransomware infection whose different versions are known widely to computer users in different countries. The virus locks down the system down which results in its immobility and generates a hoax saying that the FBI has locked the PC. There is more than one interface version of FBI Virus, which should be removed from the system immediately.

The term under which the infection is classified suggests that the primary aim of the virus is to get money from unsuspecting users. The message displayed by the virus claims that the user is to blame for illegally obtaining and using music, movies or software. Below you will find excerpts from three variants of the FBI virus:

Illegally downloaded material (MP3’s, Movies or software) has been located on your computer.

You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content […].

FBI Virus 100% FREE spyware scan and
tested removal of FBI Virus*

As you can see, the first two extracts are identical; however, they are found in different versions of the virus. The same or very similar false allegations are present in such cases of the ransomware virus as Latvijas Policijas Virus, European Law Enforcement Agency Virus, Politia Romana Virus, and others. All the viruses are called Ukash viruses, because this electronic cash payment service is provided in almost every message of the virus. In this particular case of FBI Virus, the users are supposed to pay money through MoneyPak:

Take your cash to one of these retail locations:
Pick up a MoneyPak and purchase it with cash at the register.
Come back and enter your MoneyPak code to unlock your Computer.

In the other versions of the virus, the user is being rushed to pay a ransom in this way:

To unlock your computer and to avoid other legal consequences, you are obliged to pay a release fee of $200.

To unlock the computer, you must pay the fine through MoneyPak of 100$.

Please keep in mind that cyber criminals want your money, which is why you should not trust the message containing the credentials of the FBI and saying that you may be prosecuted if the ransom money is not paid. Instead, you should remove the virus which is responsible for your inconvenience.

Our Anti-Spyware-101.com team recommends that you use SpyHunter, which will remove the virus and safeguard the system. However, in the case of ransomware infection, you should note that it is important to follow certain procedure in order to install the spyware removal tool. Below you will find step-by-step guideless on how to install the recommended tool:

Windows Vista & Windows 7:

1. Restart the computer.
2. Wait until the BIOS screen (information about your hardware) disappears and immediately start tapping the F8 key. Repeat the procedure if your Windows loads up normally.
3. When a boot option menu appears, use arrow keys to select Safe Mode with Networking and press Enter.
4. Go to http://www.anti-spyware-101.com/download-sph and download SpyHunter.
5. Install the program and scan the system to detect and remove the infection.

Windows XP:

1. Restart the computer.
2. Once the BIOS screen disappears, start tapping the F8 key.
3. Use arrow keys on your keyboard to move to Safe Mode with Networking and press Enter.
4. Click Yes in the dialog box.
5. Open the Start menu.
6. Launch Run.
7. Type “msconfig” in the run dialog box.
8. Press OK to open System Configuration Utility.
9. Click on the Startup tab.
10. Click on the Disable All button and then on OK.
11. Download SpyHunter and restart the computer.
12. Install the tool downloaded and remove FBI Virus.

QR Code 100% FREE spyware scan and
tested removal of FBI Virus*

Stop these FBI Virus Processes:

DircxtX.exe

Remove these FBI Virus Files:

style.bmp
style.jpg
2HMwR.com
DircxtX.exe
Disclaimer
Disclaimer
  1. do u have anything for windows 8, i\’ve tried using the F8 but it goes directly to the sign on screen, is any suggestions?

    Thank you

    • Remove from Windows 8:

      Tap the Windows key on the keyboard to access the Metro UI start screen and launch the Internet browser.
      Download an automatic malware removal tool from http://www.anti-spyware-101.com/download-sph
      Install the tool, perform a full system scan and delete discovered threats.

  2. Good Post

  3. I have the FBI Trojan but when following the instructions
    For removal from Vista, the screen still comes up
    An wont allow me to go to the Internet to downlowd
    Spy’hunter

    • Hello Joe,

      Some versions block Safe Mode with Networking, so in this case I suggest to use Safe Mode with Command promt but this is a little bit more difficult to remove:

      1.Restart Computer in Safe Mode with Command Prompt.
      2.Run Regedit
      3.Now Search for WinLogon Entries. There will be a key labeled Shell. Replace them with explorer.exe or it should be blank.
      4.Search registry for FBI Virus files and remove them.
      5.Try to reboot into normal mode and scan with Spyhunter.
      6.If this fails, try doing system restore (rstrui.exe) from safe mode with command prompt.

      Good Luck

  4. I have windows XP and got the FBI virus. It will not let me download Spy’hunter. I can not get to the desk top before the screen freezes. Is there a way to restore the system.
    Thanks,
    James H.

  5. this is one of the great ideas that adds to us more and more…. really any invention comes bring us all the time new things that can make us feel happy…. so really this is a great ideas because all what i have say is just to thank you so much ……………………………………….

  6. Hi,
    The images of this virus showed up on my computer, I shut my computer down(absolutely terrified out of my mind) I then turned my computer back on and have had no problems what so ever. I have had Norton and malwayrebytes both run full scans, and they have come up with nothing. I have no idea if my computer is at risk or not. Even with all the scans I still feel at ease. Does this possibly mean my computer is not infected?

Leave a Comment

Enter the numbers in the box to the right *