Severity scale:  

FBI Virus Black Screen. How to remove? (Uninstall guide)

removal by Olivia Morelli - -   Also known as Ukash virus | Type: Ransomware

FBI Virus Black Screen is a ransomware infection that belongs to the 'famous' Ukash group. It acts similarly to the previous versions of this group of scams, FBI virus or FBI Moneypak: after locking computer down, it disables victim from ANYTHING and makes him/her completely disconnected from getting online or reaching important files and programs. Next to these typical symptoms, FBI Virus Black Screen has one big difference – it uses the black startup screen and audio warning, saying that you have been doing illegal actions on your PC. Before you fall for all this tricky campaign, remember that this program is FAKE and seeks only to scare you into paying the 'fine'. It has nothing to do with the governmental organization and seeks only to rip you off. Instead of paying the fine through Ukash, Moneypak or other prepayment system, we highly recommend to remove FBI Virus Black Screen immediately.


If you see a black screen and misleading audio notification from Federal Bureau of Investigation, you must have clicked on any free virus scanner site, spam email attachment or free movie download. Typically, this virus uses freeware or shareware when trying to come undetected. Once it gets inside the system, it locks the computer and shows a black message claiming that you have been locked because you have violated Federal law:

This operating system is locked due to the violation of the federal laws of the United States of America! (Article 1, Section 8, Clause 8; Article 202; Article 210 of the Criminal Code or u.s.a. provides for a deprivation of liberty for four to twelve years)
Following violations were detected:Your IP address was used to visit Web sites containing pornography, child pornography, zoophilia and child abuse. Your computer also contains video files with pornographic content, elements of violence and child pornography! Spam-messages with terrorist motives were also sent from your computer.
This computer lock is aimed to stop your illegal activity.
To unlock the cimoputer you are obliged to pay a fine of $ 200.
You have 72 hours to pay the fine, otherwise you will be arrested.You must pay the fine through MoneyPak:
To pay the fine, you should enter the digits resulting code, which is located on the back of your Moneypak, in the payment form and press OK.
If an error occurs, send the codes to address

This virus is clearly designed for USA, because it lists the federal laws of the United States of America. After reporting all those crimes, FBI Virus Black Screen demands to pay $200 to unlock the PC and then requires to send the codes to Be sure that paying this amount of money won't help you to unlock your PC because this can be done only with a technical help. Follow this post to know how you can remove FBI virus black screen:


When trying to remove any version of Ukash virus, the biggest issue is to unlock the system. However, some versions of Ukash threats may fail to unlock you from getting online. Ig you are one of these lucky people, download SpyHunterCombo Cleaner, Reimage or other reputab;e anti-malware program and remove the threat. If you are locked, follow these tips:

* Flash drive method:

1. Take another machine and use it to download SpyHunterCombo Cleaner, Reimage or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Ukash virus once more and run a full system scan.

* Users infected with Ukash viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

* Manual Ukash virus removal:

  • Reboot you infected PC to 'Safe mode with command prompt' to disable Ukash virus (this should be working with all versions of this threat)
  • Run Regedit
  • Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  • Search the registry for these files you have written down and delete the registry keys referencing the files.
  • Reboot and run a full system scan with updated Reimage, SpyHunterCombo Cleaner or Malwarebytes Malwarebytes to remove remaining virus files.

UPDATE: There is a new FBI Virus Black Screen, which also claims that user is blocked due to the law violations. It displays other logo of the Department of Justice and claims: 'Your computer has been blocked! This text is written in the red background, similarly to the latest FBI virus, which is called FBI Online Agent. There are several boxes on its alert: one shows a list of laws, that have been 'violated' by a user, others explain how to pay the fine using MoneyPak prepayment system and show an image of a fake web cam. Besides, this virus 'speaks' for its victim and asks to pay not $200, but $300 for ransom.

do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with SpyHunter.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Combo Cleaner.
FBI Virus Black Screen snapshot
FBI Virus Black Screen snapshotFBI Virus Black Screen snapshot

About the author

Olivia Morelli
Olivia Morelli - Ransomware analyst

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Olivia Morelli
About the company Esolutions

Removal guides in other languages

  1. Malz Zhao II says:
    December 22nd, 2013 at 5:35 pm

    I had this before. Luckily I had 3 accounts. Only one of them got this. I deleted the infected account to stop the virus!

  2. Jd says:
    July 4th, 2014 at 8:56 pm

    A customer of mine wasnt as lucky. The virus gave me the blue screen of death and then wouldnt allow me to boot into safemode to restore. I eventually used parted magic and a bootable copy of windows and after wiping and formatting the Internal HD with parted magic, I was able to install a fresh copy of windows.

  3. carol beard says:
    June 22nd, 2015 at 6:54 am

    ive got reid of black screan with computor repairs but they re turn some how so theres got to be a way to send virus back to them

  4. c likemurphy says:
    November 23rd, 2015 at 11:58 am

    Since the ransom virus is claiming to be the fbi and asking for as much as 500.00. Why Iis the fbi not tracking these people down and put them in prison. Itspprobablyanother way for financing some terrorist group.

Your opinion regarding FBI Virus Black Screen