Click on screenshot to zoom
Danger level 8
Type: Malware
Common infection symptoms:
  • Installs itself without permissions
  • Changes background
  • Connects to the internet without permission
  • Slow Computer

FBI Federal Bureau of Investigation Virus

There is one important thing that users have to realize about FBI Federal Bureau of Investigation Virus – it is a scam created to swindle them out of their money. It is a ransomware application that displays a fraudulent message on your screen, claiming that you have violated the federal law of the United States. The malicious program locks down your computer and unless you remove FBI Federal Bureau of Investigation Virus from your computer, you will not be able to access your desktop. Luckily, it is possible restore your desktop access on your own, so scroll down to the end of the description for the instructions on how to unlock your PC.

If you are wondering where FBI Federal Bureau of Investigation Virus comes from, the answer is very simple – it is part of the notorious Ukash Virus group. Perhaps you have heard of the most “famous” program from the family – FBI MoneyPak. These infections have been torturing users worldwide for some time now, and there is an infection localized for almost every wired country out there, although technically all these programs are more or less the same. There are Royal Canadian Mounted Police Virus, ICSPA Virus, New Zealand E-Crime Lab Virus and many others. Just like FBI Federal Bureau of Investigation Virus, all these infections block your desktop access because they expect you to pay a fine for something you have not done.

Naturally, the screen-sized message may look threatening especially as it is adorned with the FBI insignia, but so far the FBI does not have the jurisdiction to lock down your personal computers, so you should not believe a single word you see on your screen:

All activities of this computer has been recorded. All your files are encrypted. Don’t try to unlock your computer!
This PC is blocked due to at least one of the reasons specified below.
You have been subjected to violation of Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted contents, thus infringing Article 1, Section 8, Clause 8, also known as the Copyright of the Criminal Code of the United States of America. […]
To unlock your computer and to avoid other legal consequences, you are obliged to pay a release fee of $300.

As you can see FBI Federal Bureau of Investigation Virus expects you to pay a significant amount of money, saying that it is the only way to unlock your computer. It also claims that unless you pay the fine, your information will forward to the court and a criminal case will be initiated against you. You have to stand your ground, not succumbing to the program’s threats. Follow the instructions below and unlock your desktop. Then you will be able to remove FBI Federal Bureau of Investigation Virus using a legitimate computer security application.

How to restore desktop access

Windows 8

  1. Press the Windows key and the Metro UI will show up.
  2. Click Internet Explorer tile and enter http://www.pcthreat.com/download-sph into the address bar. Hit Enter.
  3. Click Run on the download dialog box and install SpyHunter.
  4. Run a full system scan with the program.

Windows Vista & Windows 7

  1. Restart the PC and tap F8 repeatedly until Advanced Boot Options menu appears.
  2. Select Safe Mode with Networking and press Enter.
  3. Access http://www.pcthreat.com/download-sph and download SpyHunter.
  4. Install the program and run a full system scan.

Windows XP

  1. Follow the steps 1 and 2 above.
  2. Click Yes on the Confirmation dialog box.
  3. Download SpyHunter.
  4. Open Start menu and click Run.
  5. Enter “msconfig” into the Open box and click OK.
  6. Open Startup tab on System Configuration Utility.
  7. Click Disable all and press OK.
  8. Reboot the PC in Normal mode.
  9. Install SpyHunter and perform a full PC scan.

If you have any questions on how to remove FBI Federal Bureau of Investigation Virus from your computer, you can always leave a comment below.

Download Spyware Removal Tool to Remove* FBI Federal Bureau of Investigation Virus
  • Quick & tested solution for FBI Federal Bureau of Investigation Virus removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove FBI Federal Bureau of Investigation Virus

Files associated with FBI Federal Bureau of Investigation Virus infection:

msshell.exe
%APPDATA%\updates
rool0_pk.exe
wlsidten.dll
bvhylsviw.exe
ifgxpers.exe
Nbt.exe
Other.res
securitywindrv.exe
2084473.dll
scvhost.exe
ACEIEAddOn.dll
secproc_isv.exe
xlqbteeb.exe
DLL321.dll
OmaSG21e.exe
00b5d693.exe
%WINDIR%\Temp
%TEMP%
NTServiceManager.exe
dqnbdq7.dss
{097444e7-2d87-ba3c-2efe-9f54812d824a}.exe
videotwisterSA.exe
jsdhlexdqkllnbcxgai.bfg
ssntvs.exe
ctfmon.exe
wpbt0.dll
svchost.exe
csrsss.exe
%ALLUSERSPROFILE%
%LOCALAPPDATA%\lollipop
%APPDATA%\system
WinSyncMetastore.exe
wgsdgsdgdsgsd.exe
administration.exe
dyjdl.exe
96dddda4.dll
brenasa.exe
ubvhynpxh.exe
msdtmsrd.exe
iner.exe
crack.exe
setex.exe
comeo.exe
87b2cb3916261d5c807bf44262755cb0.exe
pYunY8m4VL3qLc.exe
bf8h8d02hf.exe
wlsidten.exe
%ALLUSERSPROFILE%\Application Data
uenovfiu.exe
%WINDIR%\system32
taskhost.exe.exe
systemcpl.exe
xctqakcqbeo.dll
audipbrd.exe
install_0_msi.exe
msn.exe
Updating.exe
%LOCALAPPDATA%\Temp
najeoxtt.exe
skype.dat
%APPDATA%\Task Scheduler
m2PythonLoader.exe
oygqyunapnp.exe
C87C.exe
msavfit.exe
00qbipeq.exe
zqmkrehUkpoKfsafsaZg.exe
mplayer2.exe
WINDED6.exe
TimeDateMUICallback.exe
hwj3ba6j.dss
obvwo.exe
SyncHostps.exe
wjthvwjb.dss
dtkmujvo.exe
ieudator.dll
%CommonProgramFiles%
ex3b.dll
50E1.exe
n.
aPr0hY9.exe
Q3d38543.exe
sqlncli.exe
questscan.dll
idiokbbrv.exe
%AppData%
JfCqQ5JC.exe
pmstcdjwz.exe
b34btbztdb0vavaw.exe
gcrwcoak.exe
wahneaqa.exe
魔法桌面第三方主题破解补丁V1.1.exe
UpgradeHelper.exe
VaultSysUi.exe
%SystemDrive%\????????????
DA0B.exe
p1.exe
3511172082012Build.exe
Firewallservice.exe
acuvzomo.exe
MusicCollector.exe
yaiiwockc.dll
UpdatePriv.exe
xaZYOVJW.exe
cf6640a77ed4926a4c6be661ab93def9d13408753dd07e8d02836996a2f247b6.exe
Piranha.exe
xmlfilter.exe
Task Scheduler.exe
%UserProfile%
msnmsgrr.exe
puozlkmyj.dll
rvcbcyks.exe
bzsbkotiu.exe

FBI Federal Bureau of Investigation Virus DLL's to remove:

DLL321.dll
ACEIEAddOn.dll
ex3b.dll
ieudator.dll
wpbt0.dll
questscan.dll
96dddda4.dll
puozlkmyj.dll
wlsidten.dll
2084473.dll
yaiiwockc.dll
xctqakcqbeo.dll

FBI Federal Bureau of Investigation Virus processes to kill:

aPr0hY9.exe
mplayer2.exe
crack.exe
ssntvs.exe
brenasa.exe
setex.exe
xmlfilter.exe
Q3d38543.exe
SyncHostps.exe
TimeDateMUICallback.exe
UpgradeHelper.exe
taskhost.exe.exe
dtkmujvo.exe
DA0B.exe
administration.exe
wlsidten.exe
pmstcdjwz.exe
cf6640a77ed4926a4c6be661ab93def9d13408753dd07e8d02836996a2f247b6.exe
najeoxtt.exe
Firewallservice.exe
WINDED6.exe
bvhylsviw.exe
wahneaqa.exe
魔法桌面第三方主题破解补丁V1.1.exe
msn.exe
uenovfiu.exe
WinSyncMetastore.exe
p1.exe
Task Scheduler.exe
sqlncli.exe
{097444e7-2d87-ba3c-2efe-9f54812d824a}.exe
ctfmon.exe
xlqbteeb.exe
oygqyunapnp.exe
msdtmsrd.exe
Piranha.exe
3511172082012Build.exe
m2PythonLoader.exe
securitywindrv.exe
OmaSG21e.exe
C87C.exe
87b2cb3916261d5c807bf44262755cb0.exe
00qbipeq.exe
xaZYOVJW.exe
Updating.exe
systemcpl.exe
dyjdl.exe
scvhost.exe
csrsss.exe
rool0_pk.exe
idiokbbrv.exe
NTServiceManager.exe
comeo.exe
VaultSysUi.exe
msavfit.exe
iner.exe
svchost.exe
50E1.exe
bzsbkotiu.exe
wgsdgsdgdsgsd.exe
msshell.exe
videotwisterSA.exe
bf8h8d02hf.exe
secproc_isv.exe
Nbt.exe
ubvhynpxh.exe
MusicCollector.exe
zqmkrehUkpoKfsafsaZg.exe
msnmsgrr.exe
UpdatePriv.exe
b34btbztdb0vavaw.exe
ifgxpers.exe
gcrwcoak.exe
rvcbcyks.exe
install_0_msi.exe
audipbrd.exe
acuvzomo.exe
obvwo.exe
pYunY8m4VL3qLc.exe
00b5d693.exe
JfCqQ5JC.exe
Disclaimer

Comments

  1. hitesh Jul 24, 2014

    MY CELLPHONE IS HACKED
    WHAT DO I DO NOW
    MY CELLPHONE IS NOKIA X

  2. Eric Oct 17, 2014

    How do i stop anyone from hacking into my phone or my email the reason why is because it happened just recently with my phone

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.