FBI Virus Black Screen is a ransomware infection that belongs to the 'famous' Ukash group. It acts similarly to the previous versions of this group of scams, FBI virus or FBI Moneypak: after locking computer down, it disables victim from ANYTHING and makes him/her completely disconnected from getting online or reaching important files and programs. Next to these typical symptoms, FBI Virus Black Screen has one big difference – it uses the black startup screen and audio warning, saying that you have been doing illegal actions on your PC. Before you fall for all this tricky campaign, remember that this program is FAKE and seeks only to scare you into paying the 'fine'. It has nothing to do with the governmental organization and seeks only to rip you off. Instead of paying the fine through Ukash, Moneypak or other prepayment system, we highly recommend to remove FBI Virus Black Screen immediately.
HOW CAN I GET INFECTED WITH FBI Virus Black Screen?
If you see a black screen and misleading audio notification from Federal Bureau of Investigation, you must have clicked on any free virus scanner site, spam email attachment or free movie download. Typically, this virus uses freeware or shareware when trying to come undetected. Once it gets inside the system, it locks the computer and shows a black message claiming that you have been locked because you have violated Federal law:
YOUR COMPUTER HAS BEEN LOCKED!
This operating system is locked due to the violation of the federal laws of the United States of America! (Article 1, Section 8, Clause 8; Article 202; Article 210 of the Criminal Code or u.s.a. provides for a deprivation of liberty for four to twelve years)
Following violations were detected:Your IP address was used to visit Web sites containing pornography, child pornography, zoophilia and child abuse. Your computer also contains video files with pornographic content, elements of violence and child pornography! Spam-messages with terrorist motives were also sent from your computer.
This computer lock is aimed to stop your illegal activity.
To unlock the cimoputer you are obliged to pay a fine of $ 200.
You have 72 hours to pay the fine, otherwise you will be arrested.You must pay the fine through MoneyPak:
To pay the fine, you should enter the digits resulting code, which is located on the back of your Moneypak, in the payment form and press OK.
If an error occurs, send the codes to address firstname.lastname@example.org.
This virus is clearly designed for USA, because it lists the federal laws of the United States of America. After reporting all those crimes, FBI Virus Black Screen demands to pay $200 to unlock the PC and then requires to send the codes to email@example.com. Be sure that paying this amount of money won't help you to unlock your PC because this can be done only with a technical help. Follow this post to know how you can remove FBI virus black screen:
How CAN I REMOVE FBI VIRUS BLACK SCREEN?
When trying to remove any version of Ukash virus, the biggest issue is to unlock the system. However, some versions of Ukash threats may fail to unlock you from getting online. Ig you are one of these lucky people, download Malwarebytes MalwarebytesCombo Cleaner, Reimage or other reputab;e anti-malware program and remove the threat. If you are locked, follow these tips:
* Flash drive method:
1. Take another machine and use it to download Malwarebytes MalwarebytesCombo Cleaner, Reimage or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Ukash virus once more and run a full system scan.
* Users infected with Ukash viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Ukash virus removal:
- Reboot you infected PC to 'Safe mode with command prompt' to disable Ukash virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Reimage, Malwarebytes MalwarebytesCombo Cleaner or Plumbytes Anti-MalwareMalwarebytes Malwarebytes to remove remaining virus files.
UPDATE: There is a new FBI Virus Black Screen, which also claims that user is blocked due to the law violations. It displays other logo of the Department of Justice and claims: 'Your computer has been blocked! This text is written in the red background, similarly to the latest FBI virus, which is called FBI Online Agent. There are several boxes on its alert: one shows a list of laws, that have been 'violated' by a user, others explain how to pay the fine using MoneyPak prepayment system and show an image of a fake web cam. Besides, this virus 'speaks' for its victim and asks to pay not $200, but $300 for ransom.