A type of threat, known as ransomware, displays alerts saying that you need to send money to
unlock your computer. A ransomware
restricts access to the computer and demands a ransom to be paid to the creator
of the threat to use the computer. The threat instructs the user to send money
by Moneypak or uKash depending on region. See above:
The threat tries to trick you into sending money by making
you think that your computer is no longer accessible.
The FBI virus installs itself on your computer via pornographic
websites or illegal music and video sites, the FBI virus will display a bogus
notification that pretends to be from the Federal Bureau of Investigation, and
states that your computer has been blocked due to it being involved with the
distribution of pornographic material, SPAM and copyrighted content.
The FBI virus will
lock you out of your computer and applications, so whenever you’ll try to log
on into your Windows operating system or Safe Mode with Networking, it will
display instead a lock screen asking you to pay a non-existing fine in the form
of a MoneyPak code.
Furthermore, to make
this alert seem more authentic, this virus also has the ability to access your
installed webcam, so that the bogus crap
Please note: The FBI virus is a
scam, and you should ignore any alerts that this malicious software might
generate.
Under no circumstance should you
send any MoneyPak code to these cyber criminals, and if you have, you should request a refund, stating that you are
the victim of a computer virus and scam.
How to remove the
virus
STEP 1
Restart your computer in Safe mode with Networking
- Restart
the computer.
- As
soon as the computer starts, begin to tap the F8 key until the boot
menu appears.
- In the
Windows Advanced Options Menu, use the arrow keys on the keyboard
to select Safe mode with Networking.
- Press Enter.
If you are prompted, log on as administrator.
STEP 2
Restore Windows to
a previous state using System Restore
System Restore can return your computer system files and
programs to a time when everything was working fine, so we will try to use this
Windows feature to get rid of FBI virus.
- Restart
your computer, and then press and hold F8 during the initial startup
to start your computer in safe mode with a Command prompt.
Note: With some computers, if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the “F8 key”, tap the “F8 key” continuously until you get the Advanced Boot Options screen. - Use
the arrow keys to select the Safe mode with a Command prompt option.
- At the
command prompt, type cd restore, and then press ENTER.
Next,we will type rstrui.exe , and then press ENTER.Alternatively, if you are using Windows Vista, 7 and 8, you can just type : C:\windows\system32\rstrui.exe , and press ENTER.
If you are using Windows XP, you will need to type C:\windows\system32\restore\rstrui.exe, and then press ENTER.
4. The
System Restore utility will start, and you’ll need to select a restore
point previous to this infection.
5. After
System Restore has completed its task, you should be able to boot in
Windows normal mode, and perform a system scan .
6. IF
the FBI virus didn’t allow you to restore your computer to a previous
point, you’ll need to follow Method 3 to get rid of its screen
lock.
STEP 3
Remove FBI virus
with msconfig utility
When your computer was
infected with the FBI virus, this trojan has set a its malicious files to start
whenever your computer is booting. IF you didn’t have a restore point,
we can use msconfig to remove it’s malicious start-up entry.
1. While your computer is in
Safe Mode with Command Prompt, type msconfig to start the Windows
System Configuration utility.
2. Click on the Startup
tab, then search for any suspicious or unknown entries (random numbers
or letters, ctfmon.exe, and other suspicious or unknown entries), and uncheck
them from startup, then click on OK.
This will stop the FBI virus from starting with Windows, however it won’t remove the malicious files from your computer.
3.
Type shutdown /r in the command prompt to restart
your computer, then perform a scan.
No comments:
Post a Comment