Remove FBI “Your PC is blocked” virus (Removal Instructions)

The FBI MoneyPak Ransomware is a computer virus, which will display a bogus alert, that pretends to be from the Federal Bureau of Investigation and states that your computer has been blocked due to it being involved with the distribution of pornographic material, SPAM and copyrighted content.
The FBI virus will lock you out of your computer and applications, so whenever you’ll try to log on into your Windows operating system or Safe Mode with Networking, it will display instead a lock screen asking you to pay a non-existing fine of 100$ in the form of a MoneyPak code.
Furthermore, to make this alert seem more authentic, this virus also has the ability to access your installed webcam so that the alert shows what is happening in the room.

If your computer is infected with FBI virus,then you are seeing any of the below screens:

The bogus notification from the FBI will display the following message:

The FBI

Federal Bureau of Investigation

ATTENTION!
IP: xxx.xxx.xxx
Location: Your Country Here
IPS: Your ISP Here

Your PC is blocked due to at least one of the reasons specified below.

You have been violation Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article I, Section 8, Clause 8, also known as the Copyright of the Criminal Code of United States of America.

Article I, Section 8, Clause 8 of the Criminal Code provides for a fine of two to five hundred minimal wages or a deprivation of liberty for two to eight years.

You have been viewing or distributing prohibited Pornographic content (Child Porno, Zoofilia and etc). Thus violating article 202 of the Criminal Code of United States of America. Article 202 of the Criminal Code provides for a deprivation of liberty for four to twelve years.

Illegal access has been initiated from your PC without your knowledge or consent, your PC may be infected by malware, thus you are violating the law of Neglectful Use of Personal Computer. Article 210 of the Criminal Code provides for a fine of up to $100,000 and/or a deprivation of liberty for four to nine years.

Pursuant to the amendment to the Criminal Code of United States of America of May 28, 2011, this law infringement (if it is not repeated – first time) may be considered as conditional in case you pay the fine to the State.

Fines may be paid within 72 hours after the infringement. As soon as 72 hours elapse, the possibility to pay the fine expires, and a criminal case is initiated against you automatically within the next 72 hours!

To unblock the computer, you must pay the fine through MoneyPak of 100$.

The FBI notification is a scam, and you should ignore any alert that this malicious software might generate.
Under no circumstance should you send any money via MoneyPak to these cyber criminals, as this could lead to identity theft,and if you have, you can request a refund from MoneyPak stating that the payment was due to a scam and a computer virus.

FBI MoneyPak Virus Removal Guide

This page is a comprehensive guide, which will remove the FBI Computer Locked infection from your your computer. Please perform all the steps in the correct order. If you have any questions or doubt at any point STOP and ask for our assistance.
The FBI Computer Locked will start automatically when you login to your computer and display its screenlocker so that you are unable to access your computer, therefore we will need to remove this infection by using any of the below methods:
OPTION 1: Remove FBI Computer Locked lock screen virus with System Restore
OPTION 2: Remove FBI Computer Locked virus with with HitmanPro Kickstart
OPTION 3: Remove FBI Computer Locked virus with Kaspersky Rescue Disk

OPTION 1: Remove FBI Computer Locked lock screen virus with System Restore

System Restore helps you restore your computer’s system files to an earlier point in time. It’s a way to undo system changes to your computer without affecting your personal files, such as e‑mail, documents, or photos.
Because the FBI Computer Locked virus will not allow you to start the computer in Windows regular mode, we will need to start System Restore from the Safe Mode with Command Prompt mode.

STEP 1: Restore Windows to a previous state using System Restore

  1. Reboot your computer into Safe Mode with Command Prompt. To do this, turn your computer off and then back on and immediately when you see anything on the screen, start tapping the F8 key on your keyboard.
    [Image: F8 key]
    If you are using Windows 8, the trick is to hold the Shift button and gently tap the F8 key repeatedly, this will sometimes boot you into the new advanced “recovery mode”, where you can choose to see advanced repair options. On the next screen, you will need to click on the Troubleshoot option, then select Advanced Options and select Windows Startup Settings. Click on the Restart button, and you should now be able to see the Advanced Boot Options screen.
  2. Using the arrow keys on your keyboard, select Safe Mode with Command Prompt and press Enter on your keyboard.
    [Image: Starting computer in Safe Mode with Command Prompt]
  3. At the command prompt, type rstrui.exe, and then press ENTER.
    [Image: Start System Restore to remove lock screen virus]
    Alternatively, if you are using Windows Vista, 7 and 8, you can type: C:\windows\system32\rstrui.exe , and press Enter. And if you are a Windows XP user, type C:\windows\system32\restore\rstrui.exe, then press Enter.
  4. System Restore should start, and you will display also a list of restore points. Try using a restore point created just before the date and time the FBI Computer Locked lock screen virus has infected your computer.
    [Image: Restore settings to remove ransomware]
  5. When System Restore has completed its task, start your computer in Windows regular mode, and perform a scan with Malwarebytes Anti-Malware and HitmanPro, as seen in the next step.

STEP 2: Remove FBI Computer Locked malicious files with Malwarebytes Anti-Malware Free

Even after using System Restore,

  1. You can download Malwarebytes Anti-Malware Free from the below link, then double-click on the icon named mbam-setup.exe to install this program.
    MALWAREBYTES ANTI-MALWARE DOWNLOAD LINK(This link will open a download page in a new window from where you can download Malwarebytes Anti-Malware Free)
  2. When the installation begins, keep following the prompts in order to continue with the setup process, then at the last screen click on the Finish button.
    [Image: Malwarebytes Anti-Malware final installation screen]
  3. On the Scanner tab, select Perform quick scan, and then click on the Scan button to start searching for the FBI Computer Locked malicious files.
    [Image: Malwarebytes Anti-Malware Quick Scan]
  4. Malwarebytes’ Anti-Malware will now start scanning your computer for FBI Computer Locked virus as shown below.
    [Image: Malwarebytes Anti-Malware scanning for FBI Computer Locked
  5. When the Malwarebytes Anti-Malware scan has finished, click on the Show Results button.
    [Image: Malwarebytes Anti-Malware scan results]
  6. You will now be presented with a screen showing you the computer infections that Malwarebytes Anti-Malware has detected. Make sure that everything is Checked (ticked), then click on the Remove Selected button.
    [Image: Malwarebytes Anti-Malwar removing FBI Computer Locked  virus]

STEP 3: Double-check for the FBI Computer Locked virus with HitmanPro

  1. You can download HitmanPro from the below link:
    HITMANPRO DOWNLOAD LINK (This link will open a web page from where you can download HitmanPro)
  2. Double-click on the file named HitmanPro.exe (for 32-bit versions of Windows) or HitmanPro_x64.exe (for 64-bit versions of Windows). When the program starts you will be presented with the start screen as shown below.
    HitmanPro scanner
    Click on the Next button, to install HitmanPro on your computer.
    HitmanPro installation
  3. HitmanPro will now begin to scan your computer for FBI Computer Locked malicious files.
    HitmanPro detecting for FBI Computer Locked  virus
  4. When it has finished it will display a list of all the malware that the program found as shown in the image below. Click on the Next button, to remove FBI Computer Locked virus.
    HitmanPro scan results
  5. Click on the Activate free license button to begin the free 30 days trial, and remove all the malicious files from your computer.
    [Image: HitmanPro 30 days activation button]

OPTION 2: Remove FBI Computer Locked virus with with HitmanPro Kickstart

If you cannot start your computer into Safe Mode with Command Prompt mode, we can use the HitmanPro Kickstart program to bypass FBI Computer Locked lock screen.
As the FBI Computer Locked ransomware infection locks you out of your computer, you will need to create a bootable USB drive that contains the HitmanPro Kickstart program.
We will then boot your computer using this bootable USB drive and use it to clean the infection so that you are able to access Windows normally again.
You will also need a USB drive, which will have all of its data erased and will then be formatted. Therefore, only use a USB drive that does not contain any important data.

  1. Using a “clean” (non-infected) computer, please download HitmanPro Kickstart from the below link.
    HITMANPRO DOWNLOAD LINK (This link will open a download page in a new web page from where you can download HitmanPro Kickstart)
  2. Once HitmanPro has been downloaded, please insert the USB flash drive that you would like to erase and use for the installation of HitmanPro Kickstart. Then double-click on the file named HitmanPro.exe (for 32-bit versions of Windows) or HitmanPro_x64.exe (for 64-bit versions of Windows).
    To create a bootable HitmanPro USB drive, please follow the instructions from this video:
  3. Now, remove the HitmanPro Kickstart USB drive and insert it into the FBI Computer Locked infected computer.
  4. Once you have inserted the HitmanPro Kickstart USB drive, turn off the infected computer and then turn it on. As soon as you power it on, look for text on the screen that tells you how to access the boot menu.
    [Image: Windows Boot Menu screens]
    The keys that are commonly associated with enabling the boot menu are F10, F11 or F12.
  5. Once you determine the proper key (usually the F11 key) that you need to press to access the Boot Menu, restart your computer again and start immediately tapping that key. Next, please perform a scan with HitmanPro Kickstart as shown in the video below.
  6. HitmanPro will now reboot your computer and Windows should start normally. Then please Malwarebytes Anti-Malware and HitmanPro, and scan your computer for any left over infections.

OPTION 3: Remove FBI Computer Locked virus with Kaspersky Rescue Disk

If any of the above methods did not clean your infected computer, we can use a Kaspersky Rescue Disk Bootable to clean the Windows registry and to perform a system scan to remove the FBI Computer Locked virus.
To create a bootable Kaspersky Rescue Disk, we will need the following items:

  • A clean (non-infected) computer with Internet access
  • A blank DVD or CD
  • A computer with a DVD or CD burner

STEP 1: Download and create a bootable Kaspersky Rescue Disk CD

  1. You can download Kaspersky Rescue Disk utility from link below:
    KASPERSKY RESCUE DISK DOWNLOAD LINK (This link will automatically download Kaspersky Rescue Disk (kav_rescue_10.iso) on your computer.)
  2. To create the bootable rescue disk, we will need to use the ImgBurn program. You can download ImgBurn from the below link, then install this program.
    IMGBURN DOWNLOAD LINK (This link will open a new page from where you can download the ImgBurn program)
  3. Insert your blank DVD or CD in your burner, then start ImgBurn and click on the Write image file to disc button.
  4. Under Source click on the Browse for file button, then navigate to the location where you previously saved the Kaspersky Rescue Disk utility (kav_rescue_10.iso), then click on the Write button.
    [Image: Bootable Kaspersky Rescue CD]
    That’s it, ImgBurn will now begin writing your bootable Kaspersky Rescue Disk.

STEP 2: Start your computer using the Kaspersky Rescue Disk

  1. Once you’ve got the Kasperky Rescue Disk in hand, insert it into the infected computer, and turn off and then turn it on again.
  2. As soon as you power it on, you will see a screen that tells you to press any key to enter the menu, so please tap any key to boot your machine from the Kaspersky Rescue Disk.
    [Image: Starting infected computer from Kaspersky Rescue Disk]
  3. In the next screen, you will need to chose a language, then you click on Kaspersky Rescue Disk. Graphic Mode and press ENTER, to start the Kaspersky Rescue Disk.[Image: Kaspersky Rescue Disk Graphic Mode screen]

STEP 3: Scan your system with Kaspersky Rescue Disk

  1. Within a few short seconds you should see the full working environment, with the Kaspersky Rescue Disk screen front and center as shown below.
    [Image: Kaspersky Rescue Disk scanner]
  2. Switch tabs over to the My Update Center, and then click the Start update button to load the latest anti-virus definitions. Please be patience while this process its completed.
    [Image: Updating Kaspersky Rescue Disk antivirus definitions]
  3. Switch back over to the Objects Scan tab, select the drives you want to scan, and then click the Start Objects Scan button.
    [Image: Kaspersky Rescue Disk scan]
  4. When Kaspersky Antivirus will detect the FBI Computer Locked virus, you’ll be prompted to select an action. When this happens, please select Quarantine or Delete to remove this infection from your computer.
    [Image: Kaspersky Rescue Disk prompt]
  5. When the antivirus scan has completed, you can restart back into Windows regular mode, by clicking on the Kaspersky Start button [Image: Kaspersky Rescue Disk Restart button] (lower left corner), and selecting Restart.
    Once your computer will start in Windows regular more, download Malwarebytes Anti-Malware and HitmanPro, and scan your computer for any left over infections.

Your computer should now be free of the FBI Computer Locked infection. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes Anti-Malware to protect against these types of threats in the future, and perform regular computer scans with HitmanPro.
If you are still experiencing problems while trying to remove FBI Computer Locked Ukash virus from your machine, please start a new thread in our Malware Removal Assistance forum.

IT’S YOUR TURN TO HELP!

If we have managed to help you with your computer issues, then it's your duty to let other people know that this article will help them!
You can share this article on Facebook,Twitter or Google Plus by using the below buttons.

THE 411 ON ME

FC Barcelona fan, Starbucks addicted and super geek.
I am the creator and owner of MalwareTips.com
My area of expertise includes malware removal and computer forensics. I'm active in the various online anti-malware communities where I do researches for new malware threats as they are released.
I live in Bucharest (Romania), where I run my own local computer repair shop.
I repair both hardware and other operating systems related issues, however most of my business is malware related problems.

Follow me on Google Plus

You can follow me on Google Plus, and I will try to keep you informed with the latest computer infections and malware threats!

SUPPORT MALWARETIPS! (OPTIONAL)

All our malware removal guides and utilities are completely free of charge.
We do not request any kind of money in exchange for our services, however if you like to support us with our hardware maintenance costs, you can make a small donation. Any amount is appreciated, and will support our fight against malware.
  • Harold Simmons

    Very informative and most of the tools used are free. Great job!

  • Adam Simonow

    Thanks a lot for this info my mom had this on her computer and I did a lot of searching but nothing worked..except this site..running rstrui.exe is a useful tool I had no idea about..Thanks again for saving her the money we were going to pay to have this removed.. I will save this site

  • Don Nabhani

    hi. idk if i solved the problem or not.. i used avast anti virus boot time scan and i managed to use my pc now .. but is my pc safe ?

    • http://malwaretips.com/ Stelian Pilici

      Hello,
      If you can normally login into your computer, and if you have performed the HitmanPro and Malwarebytes scan, then your computer should be clean!
      Stay safe!

  • http://malwaretips.com/ Stelian Pilici

    Hello,
    It looks like this infection is not allowing you to start in Safe Mode. In this case I recommend that you try to create a bootable HitmanPro USB or a Kaspersky Rescue Disk as seen in this article.

    If you are still experiencing problems while trying to remove this infection, you can start a thread in our Malware Removal Assistance forum: http://malwaretips.com/Forum-Malware-Removal-Assistance
    Stay safe!

  • Jenna

    Thank you for your help! I was able to remove the FBI virus in less than ten minutes through safe mode command prompt. I’m flabbergasted that I could remove this virus myself.

  • http://malwaretips.com/ Stelian Pilici

    Hello Joe,
    Please create a HitmanPro Kickstart USB as seen here: http://malwaretips.com/blogs/remove-police-trojan/#hitmanpro
    OR
    Please create a bootable Kaspersky Rescue Disk as seen here: http://malwaretips.com/blogs/remove-police-trojan/#kaspersky

    Stay safe!

  • tanner

    another way to do it is to go to safe mode command prompt and go to control panel and make a new user then get on with them and download and use malwarebytes

  • zakachu64

    thank u! it really helped alot

  • Avi

    Thank you!!
    It worked great.

  • Todd Miller

    Thank you. I appreciate you taking the time to create these instructions. They worked well and were easy to follow. Thanks again.

  • max

    thank you guys i tried your step two and worked like a charm

    • bertmeister

      thank you very much for this information. I followed the instructions, had to use method 2 and everything worked great. Thanks again!

  • Amy

    Mine keeps going to the Windows Error Recovery screen and then tries to launch startup repair. It is a repeating cycle and won’t let me run the Hitman Pro program. This virus is bad and I’m so frustrated because I keep hitting a dead end. :(

  • chuckm37

    Here is a trick I use often in working on Virus infected machines. It worked for me recently when I found The FBI virus had blocked access to Safe mode with or without networking, Safe mode with command prompt still worked. Boot into safe mode with command prompt and enter “explorer” in the prompt and press enter. Explorer starts windows in safe mode at that point. Close the command prompt window, access the control panel->User Accounts. Add a new user with admin privledges and do a normal reboot. Use the new user Id to login and run a deep virus scan (I use Avast Boot scan) to clean up the virus. Works for most viruses I have found and it is simple.

  • Bert

    I used the hitmanpro but it does not pick anything up (stays green) when restart virus still there HELP!

    This virus asks for $300 – it seems more than what I’ve seen. Does that mean it is a newer more robust/not easily picked up variety?

    • Stelian Pilici

      Hello Bert,
      Can you boot your computer in Safe Mode with Command Prompt, and type msconfig in the Command prompt. This should start the Windows System Configuration tool. Go to the Start-up tab, and search for any suspicious or unknonw entries (random numbers or letter, ctfmon.exe and other suspicious entries) and uncheck them from start-up. Next boot your computer in regular mode and perform a scan with HitmanPro and Malwarebytes as seen on the guide.
      And then perform a scan with the following tools:
      STEP 1: Run a scan with RogueKiller

      1. Please download the latest official version of RogueKiller.
        RogueKiller Download Link (This link will automatically download RogueKiller on your computer)
      2. Double click on RogueKiller.exe to start this utility and then wait for the Prescan to complete.This should take only a few seconds and then you can click the Scan button to perform a system scan.
      3. After the scan has completed, press the Delete button to remove any malicious registry keys.

      STEP 2: Run a scan with Emsisoft Emergency Kit.

      1. Please download the latest official version of Emsisoft Emergency Kit.
        EMSISOFT EMERGENCY KIT DOWNLOAD LINK (This link will open a download page in a new window from where you can download Emsisoft Emergency Kit)
      2. After the download process will finish , you’ll need to unpack EmsisoftEmergencyKit.zip and then double click on EmergencyKitScanner.bat
      3. A pop-up will prompt you to update Emsisoft Emergency Kit , please click the “Yes” button.After the Update process has completed , put the mouse cursor over the “Menu” tab on the left and click-on “Scan PC“.
      4. Select “Smart scan” and click-on the below “SCAN” button.When the scan will be completed , you will be presented with a screen showing you the malware infections that Emsisoft Emergency Kit has detected.Make sure that everything is Checked (ticked) and click on the ‘Quarantine selected objects‘ button.
      • Bert

        Thanks for the quick reply – I cannot get the pc to start with command prompt – it goes to a blue screen with lots of garbage and a message about physical memory dump.

        • Stelian Pilici

          Hello,
          It sounds like you have a very nasty rootkit on this machine.Can you try to create a HitmanPro Kickstart USB as see on the guide?
          If it still doesn’t work,you’ll need to create a Kaspersky Rescue CD as seen HERE: http://malwaretips.com/blogs/anonymous-virus/ , on Method 2.
          If everything fails, then you’ll need to create an account on our forums and a member of the staff will help you (with more advanced tools) to remove this nasty virus: http://malwaretips.com/Forum-Malware-Removal-Assistance
          Good Luck!

  • CLiF co.

    I am attempting to create the HitmanPro.Kickstart USB flash drive from HitmanPro website and get an error message: “#112, copy”. I have clicked retry several times on two different flash drives. What am I doing wrong?

    • CLiF co.

      I was using 1G flashers. Worked like a charm when I got a bigger stick. Ooops.

  • Glenn

    You are very good. The other websites I went to often underestimated the power of the FBI virus, by treating it like an easy fix–as though the virus had not completely disabled everything–or else they suggested solutions that only a computer pro could have used. But I am no computer pro and the virus is horrible. I could not use the first two of your three methods to get rid of the lock screen. The virus would not let me go into safe mode (or maybe MS was too incompetent to) and I could not do a restore because my Windows has never let me set a restore point. The solution had to come from outside, and you knew when the others did not. HitmanPro really did the trick. Thanks a lot.

  • ENRIQUE

    Thank you. My computer is up and running well once again. It’s pretty sad that you buy an anti-virus and it doesn’t run when you install the cd. After uninstalling the antivirus, WHAM, my computer has a virus. When I call tech support, they tell me they can fix my computer for a “reasonable” fee. Wrong answer. Thanks again for your help. I’ll be cheering on Barca to win the Copa Del Rey !!

  • jen

    You have been a life saver. Running the malwarebytes scan now. I’m so glad this is FREE another site tried to get $85 with me doing the work.
    Thank you so much

  • Just stuck

    I have been working all morning trying to fix virus. I downloaded the malware onto a thumbdrive and followed the steps of opening system in safe mode with command prompt, conducted cd restore and rstrui.exe, went back to reboot system in windows normal and before I could run a system scan, got a white screen. I am so sick of seeing this white screen. Please help if anyone can.

    Flustrated! Yes I spelled it correctly….

    • Stelian Pilici

      Hello,
      Start your computer in Safe Mode with Command Prompt, and type msconfig in the Command prompt. This should start the Windows System Configuration tool. Go to the Start-up tab, and search for any suspicious or unknonw entries (random numbers or letter, ctfmon.exe and other suspicious entries) and uncheck them from start-up. Next boot your computer in regular mode and perform a scan with HitmanPro and Malwarebytes as seen on the guide.
      Good Luck!

  • Lynn

    The “virus” only seems to have infected one of the users on my computer. When I hit the F8 key upon re-starting my computer, the up and down keys do not move the highlighted area off of “open normally” or something like that. Since the other users are operating ok, can I download the Malwarebytes and/or Hitman Pro from one of them and go from there?

    • Stelian Pilici

      Hello Lynn,
      Is any of them an Administrator account? Go ahead and perform the scan and see if they manage to remove the infection.

  • FeTa

    Your System Restore option worked successfully for a remote beginner windows user successfully. Instructions were provided by phone and worked perfectly! You totally rock!!!

  • Jamie

    Hey and thanks so much for your help.

    I managed to get back in to my laptop using method two and I have norton so I ran a full scan, this revealed 33 tracking cookies but nothing else so I downloaded malwarebytes as you suggested but when I did a quick scan it didn’t find any objects so I did a full scan and still nothing found :-(

    I’m now really worried that the malicious file is sat in my computer somewhere and I don’t know how I would find it as I don’t even know what I’m looking for. Please help!

    • Stelian Pilici

      Hello Jamie,
      Can you please run a scan with the following tools:
      STEP 1: Run a scan with RogueKiller

      1. Please download the latest official version of RogueKiller.
        RogueKiller Download Link (This link will automatically download RogueKiller on your computer)
      2. Double click on RogueKiller.exe to start this utility and then wait for the Prescan to complete.This should take only a few seconds and then you can click the Scan button to perform a system scan.
      3. After the scan has completed, press the Delete button to remove any malicious registry keys.
      4. Next we will need to restore your shortcuts, so click on the ShortcutsFix button and allow the program to run.

      STEP 2: Run a scan with ESET Online Scanner:

      1. Download ESET Online Scanner utility.
        ESET Online Scanner Download Link (This link will automatically download ESET Online Scanner on your computer.)
      2. Double click on the Eset installer program (esetsmartinstaller_enu.exe).
      3. Check Yes, I accept the Terms of Use
      4. Click the Start button.
      5. Check Scan archives
      6. Push the Start button.
      7. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      8. When the scan completes, push Finish

      Next,please run again a scan with Malwarebytes and HitmanPro.

  • Erin

    You saved me! Thank you so much. I called a computer repair company last night when this virus attacked, but at work today (where I could get back online) I found your blog. I’m so glad I still have all of my files. And I will be backing up promptly. The only bummer is that I didn’t find you sooner; the computer repair company that I called is charging me $50 for cancelling the appointment. DON’T ever call GeeksOnSite. But thank you so much for your free and relevant help. I really, really appreciate it.

  • Oliver Mobile, Alabama USA

    Hi, WORKS FOR THE FBI/MONEY PAK RANSOM WARE….
    Just wanted to let you (and anyone who is considering using this software and the methods shown here) know that it did work for me. I had to go with creating the boot-able flash drive using Hitman Pro as you directed. All the methods above that failed to work (I’m assuming due to the malware having been improved to overcome those methods). Just wanted to thank you for providing such a valuable service. Is is greatly appreciated. Thanks Again,
    Oliver
    Mobile, AL USA

  • Adam

    Hey Mate,

    I ran both the Malwarebytes and the Hitman Pro in safe mode. Both removed files the first time I ran them. But after restart the FBI virus still exists. I ran them each again and they tell me no threats found. Ideas?

    • Stelian Pilici

      Hello Adam,
      Can you please run a scan with the following tools:
      STEP 1: Run a scan with RogueKiller

      1. Please download the latest official version of RogueKiller.
        RogueKiller Download Link (This link will automatically download RogueKiller on your computer)
      2. Double click on RogueKiller.exe to start this utility and then wait for the Prescan to complete.This should take only a few seconds and then you can click the Scan button to perform a system scan.
      3. After the scan has completed, press the Delete button to remove any malicious registry keys.
      4. Next we will need to restore your shortcuts, so click on the ShortcutsFix button and allow the program to run.

      STEP 2: Run a scan with ESET Online Scanner:

      1. Download ESET Online Scanner utility.
        ESET Online Scanner Download Link (This link will automatically download ESET Online Scanner on your computer.)
      2. Double click on the Eset installer program (esetsmartinstaller_enu.exe).
      3. Check Yes, I accept the Terms of Use
      4. Click the Start button.
      5. Check Scan archives
      6. Push the Start button.
      7. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      8. When the scan completes, push Finish

      Next,please run again a scan with Malwarebytes and HitmanPro.

  • chino

    works great bud thansk u are awesome

  • Jim Heiu

    How much does it cost to download the software to remove FBI virus?

    • Stelian Pilici

      Hello Jim,
      All the software that we recommend is FREE…….If it will cost you just 1 cent to remove this infection, we will give you 100$ back! :P

  • Mike,Texas

    Helpful information!!Thanks!!

  • Ricca

    System Restore did the trick for me!Thank you

  • Zumba

    I have used HitmanPro KickStart and got rid of this nasty virus!
    Thank you so much !

  • 330mrx

    Thanks!

  • Kcal

    Thank you, I didn’t have any hope of recovering my photos,your guide works and was very easy to follow!

  • Allen

    I downloaded the Kaspersky rescue disk but would not update so i ran it on the yellow display. All worked well. I am malware and virus free for the moment. What would you recommend as a antimalware, antivirus to purchase so to help avoid having these issues?

    Thanks so much for posting this blog!!

  • onehappyguy

    AWESOME!THANK YOU!

  • Radu

    Thank you!For a second I thought I have lost all my files!:)

  • Abby

    Hi! I downloaded the Kapersky rescue disc, and after the scan (2 hours) i was looking for the light to turn green, but it turned yellow! then i restarted my computer and all the words off the icons are gone, and my icons won’t open…. the internet explorer, start menu, etc. just don’t do anything when i click… I can’t right click either. and when i press control alt delete, there are no words anywhere…. just symbols! what’s going on! please help! thanks!