
FBI Ransom Malware

Removing the FBI virus from Windows Vista

The FBI Virus has been one of the most prominent infections in 2012. Unfortunately, it holds fast to its position in 2013 as well. There are a great number of FBI Virus versions, each localized for a particular country and distributed by a number of Trojans, including Trojan.Urausy, Trojan.Reveton, Trojan.Revoyem and a list of others.

The FBI Virus operates in a similar fashion to other ransomware programs, which lock down your computer and then display a fraudulent full-screen notification that the user's computer has been locked due to their involvement in criminal activity. Considering that almost all versions of FBI Virus are distributed by Trojan infections, it is very likely that you were infected with malware prior to the computer lockout.

FBI Virus belongs to a ransomware group called the Ukash Virus family, and these infections have different distribution channels. For example, some versions of FBI Virus might be distributed via pornography websites, with malicious links embedded in Flash advertisements. Clicking on these advertisements could result in the infection of the computer. Some types of ransomware programs might also be distributed by a rootkit, which is even more dangerous to your system, as rootkit removal is highly complicated.

The message usually demands that the user pay a $100 penalty for this offense through MoneyPak. MoneyPak is a payment system that lets a user buy credit at any partner convenience store and use the value for online purchases. This payment method makes it obvious that the FBI is in no way connected to this fraud. Most of the text on this ransom page is copied from previous ransom malware belonging to the same group.

Here is a recommended method to get rid of the FBI virus from your Windows Vista PC.

Start Windows in Safe Mode

1. The first thing you should do is reboot the computer in Safe Mode to prevent FBI – Your PC is Blocked from loading at start-up. To start Windows in Safe Mode, do the following:
   a. Remove all media such as floppy disks, CDs, DVDs and USB devices. Then restart the computer.
   b. Before Windows begins to load, press F8 on your keyboard.
   c. The Advanced Boot Options menu will be displayed. Select Safe Mode.
   d. Windows will now start in Safe Mode and at the same time will load the necessary drivers so that you can access the Internet.

Delete files dropped by FBI – Your PC is Blocked

2. Go to Start, type %appdata% in the search box and press Enter on your keyboard. This opens the hidden folder called AppData, where some files of FBI – Your PC is Blocked are stored.
3. Next, proceed to the folder Roaming > Microsoft > Windows > Start Menu > to see the shortcut link that calls the ransom program each time you start Windows. Delete that file.
4. Go to Start, type userprofile in the search box and press Enter. This opens a folder that contains other files of FBI – Your PC is Blocked.

Remove FBI – Your PC is Blocked start-up entry with MSCONFIG of Windows

6. Go to Start, type msconfig in the search box and press Enter on your keyboard. The System Configuration window will open.
7. Click on the Startup tab. You will see a list of programs that run when Windows starts. Disable the entry that belongs to the virus by removing the check mark beside the item. Click OK to save the setting.

Run Anti-malware scan to check and delete other threats

Run Anti-malware scan to check and delete other threats

8. Choose appropriate anti-malware software to completely delete the virus. Select Perform full scan on the main screen to check your computer thoroughly.
9. Make sure that all detected threats are checked, then click on Remove Selected. This will delete all files and registry entries that belong to FBI – Your PC is Blocked.
10. Finally, restart your computer.
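The start-up locations that steps 2 to 7 inspect by hand can also be listed in one read-only pass. The PowerShell below is an added example, not part of the original guide; it assumes the standard per-user Startup folder and the Run registry keys as the start-up locations, and its Review flag is a triage heuristic rather than a detection signature.

```powershell
# Added example: read-only audit of auto-start entries (nothing is deleted or changed).
# Assumption: entries launching from user-writable folders deserve a manual look.
$suspectRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:USERPROFILE) |
    Where-Object { $_ }

function Test-SuspectPath([string]$Command) {
    if (-not $Command) { return $false }
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    foreach ($root in $suspectRoots) {
        # Literal, case-insensitive match; avoids wildcard issues with -like.
        if ($expanded.IndexOf($root, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
            return $true
        }
    }
    return $false
}

$results = @()

# 1) Per-user Startup folder (what step 3 checks by hand).
$shell   = New-Object -ComObject WScript.Shell
$startup = [Environment]::GetFolderPath('Startup')
Get-ChildItem -Path $startup -Force -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer -and $_.Name -ne 'desktop.ini' } |
    ForEach-Object {
        # Resolve shortcuts to their real target; other files are launched as-is.
        $cmd = $_.FullName
        if ($_.Extension -eq '.lnk') {
            $lnk = $shell.CreateShortcut($_.FullName)
            $cmd = ("{0} {1}" -f $lnk.TargetPath, $lnk.Arguments).Trim()
        }
        $results += New-Object PSObject -Property @{
            Source = 'StartupFolder'; Name = $_.Name
            Command = $cmd; Review = (Test-SuspectPath $cmd) }
    }

# 2) Run keys (entries that the msconfig Startup tab lists in steps 6-7).
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        $results += New-Object PSObject -Property @{
            Source = $key; Name = $name
            Command = $cmd; Review = (Test-SuspectPath $cmd) }
    }
}

$results | Sort-Object Review -Descending |
    Format-Table Source, Name, Review, Command -AutoSize -Wrap
```

Entries marked Review are only candidates: legitimate programs also start from the user profile, so confirm each one before disabling it in msconfig or deleting its shortcut.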

Dec 12th, 2013


Fbi ransom malware isupport365  

The FBI Moneypak virus will disable the Windows desktop and replace it with a full screen message that demands money. The message also indic...