FBI PayPal virus  

FBI PayPal virus. How to remove? (Uninstall guide)

by ,   Also known as FBI virus, Ukash virus | Type: Ransomware

What is FBI PayPal virus?

FBI PayPal virus is a sneaky cyber threat, which belongs to the 'ransomware' category. Just like FBI virus, this threat presents itself as a legitimate message from the Federal Bureau of Investigation. However, FBI has nothing to do with this scam alert, which in reality belongs to scammers. In order to look more trustworthy, this virus shows victim's IP address, location, hacks computer's webcam and shows what's happening in the room. Additionally, it reports about various law violations and asks to pay the fine in order to remove the lock and avoid more serious consequences. As you can see, the main reason, why this threat has been invented, is the money, which is asked in a form of fine. Previous versions of FBI virus have been asking to pay this fine via Ukash, Paysafecard and Green Dot MoneyPak prepayment systems. However, now it seems that they have started using PayPal for their money transactions. Please, do NOT pay this fine because you haven't done anything illegal! In order to unblock your computer, you should remove FBI PayPal virus from the system.


Just like other ransomware viruses, FBI PayPal virus is distributed via hacked programs, such as freeware and shareware. Besides, spam or illegal sites may also be included to the distribution of this threat. As soon as it gets inside, this screen locker modifies the system and turns its target computer into a useless machine. Instead of getting on the Internet or launching your favorite programs, you will see only this huge alert that covers the entire PC's desktop:

Federal Bureau of Investigation
Your PC is blocked due at least one of the reasons specified below.
You have been violating Copyright and Related Rights Law. (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article 1, Section 2, Clause 8, also known as the Copyright of the Criminal Code of United States of America.
Article 1, Section 2, Clause 8 of the Criminal Code provides for a fine of 200 to 500 minimal wages or a deprivation of liberty for 2 to 8 years.
You have been viewing or distributing prohibited Pornographic content (Child Porn/Zoophilia and etc). Thus violating Article 2, Section 1, Clause 2 of the Criminal Code of United States of America.

Please, ignore this scam alert because it clearly seeks to mislead you into paying the fine. Firstly, paying the fine doesn't help to unblock computer and forget about this infection. In addition, you should be aware that governmental authorities like this one apply other, more sophisticated methods, for punishing their criminals. In order to fix your computer, you should remove FBI PayPal virus without any delay.


When trying to remove FBI Paypal virus, you have to unlock your computer first. In order to get an ability to scan your compromised computer with a decent anti-malware, follow these options:

* Flash drive method:

1. Take another machine and use it to download SpyHunterSTOPzilla, Malwarebytes Anti Malware or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with FBI Paypal virus once more and run a full system scan.

* Users infected with FBI PayPal virus are allowed to access other account on Windows. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

*   Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.

* Manual FBI Paypal virus removal:

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable FBI Paypal virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated  SpyHunter to remove remaining FBI Paypal virus files. You can also try scanning with STOPzilla or Malwarebytes Anti Malware.

* FBI Paypal virus removal from Android OS:

1. Reboot your Android device into Safe Mode:

  1. Find the power button and press it for a couple of seconds until you see a menu. Tap the Power off.
  2. Once you see a dialog window that offers you to reboot your Android to Safe Mode, select this option and OK.

If this failed to work for you, just turn off your device and then turn it on. Once it becomes active, try pressing and holding MenuVolume DownVolume Up or Volume Down and Volume Up together to see Safe Mode.

2. Uninstall malicious app (FBI virus may hide under BaDoink, Video Player, Network Driver System, Video Render, ScarePakage and other suspicious names):

  1. When in Safe Mode, go to Settings. Once there, click on Apps or Application manager (this may differ depending on your device).
  2. Here, look for previously mentioned malicious app(s) and uninstall all of them.

If this failed, enter a random, 15 digit length, code of imaginary MoneyPak xpress Packed voucher that is asked by FBI android virus or follow these steps:

  1. Go to Settings -> Security. Here, select Device administrators.
  2. Here, look for previously mentioned malicious app(s) and uncheck it
  3. In order to finish the removal of FBI Paypal virus, select Deactivate and OK.
It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
SpyHunter - remover Happiness
Compatible with Microsoft Windows
What to do if failed? If you failed to remove infection using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.
SpyHunter is recommended to uninstall FBI PayPal virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of SpyHunter malware removal tool.

More information about this program can be found in SpyHunter review.

If you decided to select another anti-spyware, uninstall SpyHunter from your computer.
more than 40.000.000 downloads!
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall FBI PayPal virus. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Alternate Software
We are testing STOPzilla's efficiency (2015-05-07 00:24)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2015-05-07 00:24)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency (2015-05-07 00:24)
Defender Pro Ultimate
FBI PayPal virus screenshot
FBI PayPal virus snapshot

FBI PayPal virus manual removal

Kill processes:
Delete files:

Geolocation of FBI PayPal virus

Map reveals the prevalence of FBI PayPal virus. Countries and regions that have been affected the most are: United States, Indonesia, India, Canada and United Kingdom.

Removal guides in other languages

Information updated:

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook