Severity scale:  

Fbi Virus. 11 versions listed. Removal guide included

removal by Linas Kiguolis - -   Also known as Screen Locker | Type: Ransomware

FBI virus is a screen-locking malware that tries to extort money out of victims for the alleged illegal activities

Versions of FBI virusesFBI virus is a type of malware that demands payment for the release of the device which can reach 500USD

Questions about FBI virus

FBI virus is a cyber-threat which belongs to ransomware[1] category. However, it does not encrypt personal data as Locky or other malware does. Instead, it locks up the screen and displays a bogus message which explains, that the user has been violating the law in one way or another. Hackers threaten victims that the computer has been locked by the FBI or CIA, and the only way to recover the control of the machine is by paying between $100 and $500 using MoneyPak or similar service. There are several versions of this cyber threat, and the various AV engines recognize if under different names.

Name FBI virus
Type Ransomware / screen-locker
Systems affected Windows computers, Android devices, iOS devices
AVs detect under these names
  • Trojan/Win32.Reveton (Microsoft Windows)
  • Win32:LockScreen (Avast!)
  • Trojan:W32/Revton (F-Secure)
  • Trojan-Ransom.Win32.Urausy (Kaspersky)
  • Trojan.Winlock (Panda)
Demanded payment $100-$500
Distribution Spam emails, malicious websites, torrent sites, etc.
Symptoms Locked screen or browser, demands of paying “fine,” etc.
Elimination Download and install ReimageIntego; check other instructions below

FBI Warning Virus was firstly noticed in 2012.[2] Six years later, it keeps spreading around and poses a serious danger to PC users as well as Android and iOS users.

Just like its first versions, this sneaky malware gets into the target computer with the help of Trojan.LockScreen. As soon as it gets inside, Screen Locker locks the desktop and presents a screen with the “FBI Federal Bureau Investigation”, “CIA Special Agent”, and similar badges.

This aggressively-designed alert claims that the computer was blocked due to the Copyright and Related Rights Law violation or other reason that seems convincing. Below you can see a list of crimes that victims of the FBI Warning virus are typically accused of:

  • Attempts to access prohibited pornographic content;
  • Neglectful use of personal computer;
  • Attempts to download MP3s, movies, and software illegally;
  • Bulk-spamming.

Unfortunately, if you found yourself blocked by a program which claims that you have been illegally using or distributing copyrighted content, viewing or distributing pornographic content and spreading malware, you are infected with ransomware.

Beware that it can infect Windows, iOS and Android operating systems (this version is known as Android ransomware). No matter what was declared by the FBI several years ago,[3], you must ignore the alert caused by FBI ransomware and do NOT even think about paying the fine.

Keep in mind that this program belongs to hackers who are seeking just to swindle your and other people's money. If infected, remove FBI virus immediately after detection! Otherwise, you can run into further problems. Since the virus actively rampages in Germany, we invite German-speaking users to check guidelines provided on[4] page.

UPDATE: Beware of the new versions of FBI virus known as FBI Green Dot Moneypak virus, FBI Virus Black Screen and FBI Department of Defense virus! They are designed to extort money from computer users, so they are asking to pay a fine while accusing the PC user of illegal activities.

FBI virus on phonesMalware can also affect Android and iOS devices

If you become a victim, keep in mind that these malicious programs only seek to scare you and that they display the same text for every user who accidentally installs malware on their computers. 

Close the common infiltration paths to keep malware away

This infection has been using various methods to infiltrate target PC systems. As we have already mentioned, it spreads with the help of Trojan.LockScreen which can get into the system using various techniques. Of course, spam is considered one of the main methods used by this Trojan horse[5] for infiltrating computers.

However, it can also infect you after downloading the illegal program (illegal game, crack, etc.) or after clicking the infected popup. Beware that most of such popups claim that the victim needs to update the Adobe Flash Player or similar program. Make sure you ignore such offers for your own good. Otherwise, you will be forced to think about FBI virus removal.

To avoid FBI virus infiltration, you need to take care of your computer's security. If you don't use any security software or if you fail to update such software, you can increase the chances of getting infected with this.[6] Of course, you must always think about safe browsing practices.[7]

The biggest issue, which is caused by this ransomware, is that it has an ability to block the system and locks down all your programs, including anti-virus software. In order to launch it, you should try rebooting your computer to Safe Mode with Networking or try System Restore feature that could help you disable FBI virus.

According to hackers, you should pay the fine through MoneyPak or other pre-payment systems. Of course, you should never do that if you don't want to support those scammers who are collecting these fines. Instead, you should try to eliminate the virus using the instructions added at the end of this article or using special malware removal software such as ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes.

FBI virus (screenlocker)FBI virus was detected in 2012. Five years later it keeps posing the same danger to computer users

Malicious software using FBI theme to frighten users

FBI Moneypak

FBI Moneypak ransomware uses a huge alert filled with FBI and Moneypak logos, a webcam and a list of crimes victim is allegedly blamed for. User is informed that he has been viewing/distributing pornographic or copyrighted content, spreading malware or doing other illegal activities. For that, he has to pay a $100 fine and enter a Moneypak code on the right side of the fake alert. This threat locks the system down completely.

FBI Green Dot Moneypak virus

FBI Green Dot Moneypak virus locks the whole system down and displays a fake alert with FBI, Moneypak, and McAfee logos. A misleading message, which belongs to this threat, claims that the Federal Bureau of Investigation has blocked you for downloading illegal/copyrighted material and similar crimes. It requires to pay $200 fine and includes the steps explaining how you should do that.

FBI virus Black screen

FBI Virus Black Screen is hailing from the same FBI group of viruses uses the same technique as its predecessors and seeks to make users pay a $200 fine. However, it also applies an audio warning, black screen, and locks down the whole system. Additionally, it claims that you have been caught for law violations and will accuse you of visiting pornographic websites, viewing files containing zoophilia, child pornography and similar.

FBI Online agent

FBI Online Agent is ransomware which is also using the name of the Federal Bureau of Investigation, but it has a newly-designed alert, which tends to accuse the victim of committing various crimes and asks to pay $200 using MoneyPak. The new thing about FBI Online Agent is that it doesn't show your IP address or location but gives the name of the responsible agent, case number and other details that are clearly invented. Besides, scammers have included the promotion of terrorism into the list of the crimes that are reported into this misleading warning.

FBI Cybercrime Division virusFBI Cybercrime Division virus demands 300USD for file release

FBI Cybercrime Division virus

FBI Cybercrime Division virus is a dangerous ransomware, which pretends to belong to the FBI's Cybercrime Division. This virus uses identical scheme while trying to steal users' money. However, this time it asks to pay $300 using Moneypak prepayment system. Be sure that its alert is not legitimte and can be safely ignored. The new version applies a newly designed alert, which is filled with more than ten different logos.

FBI PayPal virus

FBI PayPal virus is not related to the Federal Bureau of Investigation in any way. As soon as it gets inside the system, this ransomware blocks the entire desktop and disables Internet connection on its target PC.

In addition, it asks paying the fine of $100 for invented online crimes, such as the use of copyrighted content or distribution of malware. Differently from earlier parasites, that use identical scheme for stealing the money, the FBI PayPal virus uses PayPal for its money transactions. Please, stay away from this threat.

FBI Department of Defense virus

FBI Department of Defense virus is a dangerous ransomware virus, which, similarly to its predecessors, seeks to swindle $300 by convincing its victims that they have violated several laws of the USA. This virus has the same ability to lock down the PC and hide every file, which is kept on the computer.

The new thing about this version of FBI virus, is that it offers using MoneyGram prepayment system for paying the fine. Please, never follow its recommendations!

FBI department of Defense virus

White Screen virus

White Screen FBI virus is a cyber infection, which is categorized as ransomware and belongs to the same group of FBI virus. If you see a white screen and a mouse cursor on your computer's desktop, that means this virus failed to load properly.

However, you may also receive a huge warning from the FBI, which reports about the illegal use of videos related to child pornography or other e-crimes. Please, ignore the warning that belongs to the White Screen FBI virus and never pay the money required by hackers or provide any of your personal information.

FBI Computer Crime and Intellectual Property Section virus

FBI Computer Crime and Intellectual Property Section virus is a dangerous ransomware that occupies the entire computer as soon as it infects it. Instead of the desktop, it shows a huge alert stating that 'computer is locked by Internet Service Provider' for several different reasons.

Just like previous versions, it claims that the computer's owner was noticed watching and spreading copyrighted content and doing other activities that clearly violate some laws of the USA. This FBI virus version asks to pay a fine of $200. Please, never follow this requirement.

FBI System Failure virus

FBI System Failure virus is a serious ransomware threat, which blocks computers with its fake warning saying: 'All Activities of this computer has been recorded. All your files are encrypted. Don’t try to unlock your computer!'. Just like previous its versions, this virus seeks to make its victims pay an invented fine.

This version is used to swindle $300, for that it asks using REloadit prepayment system. If you see such a warning, you must ignore it and use anti-malware software to remove malicious files from the system.

Fake Pornhub App ransomware virus

Fake Pornhub App ransomware virus is a malicious software was first discovered by a researcher Michael Gillespie. The screen-locking virus disguised itself as a fake Pornhub app, and as a consequence, people looking for erotic visual content were tricked into installing malware instead of the popular adult-content app. Once installed, this version of Android ransomware quickly locks the device, preventing the user from using it.

Considering that the victim just installed an app for adults, the message displayed on the screen might appear more scary and realistic than it actually is. The message states that “Federal Bureau of Investigation, Department of Justice” scanned the device and detected suspicious files as well as attempts to enter forbidden websites. As a consequence, the user has to pay $500 fine within three days.

Clearly, it is a scam. You should remove pornhub.apk as soon as possible. The researcher who discovered the virus suggests that the victim might have to reset the device entirely and restore it from a backup in order to continue using it.

Remove FBI virus from a compromised computer

In order to remove FBI virus from your computer, you should firstly unlock it. Depending on the type of your virus (you can be infected with Crypto-malware, ScreenLocker, ransomware, etc.), you should try methods that are provided below. Almost in all cases, it is required to reboot the device into Safe Mode with Networking. Of course, the first step that you should make is trying to launch your security software. If you don't have such, we highly recommend installing ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes for FBI virus removal. 

If you want to remove FBI Warning virus without entering Safe Mode, you can use System Restore function instead (as explained below).

Remove FBI virus from Android, iPhone or iPad

FBI virus has been updated – several years ago it started blocking Android devices and has already attacked LG Smart TV.[8] It acts just like Windows version: FBI android virus locks the screen of the device and displays a fake warning message asking people to pay a fine for their illegal online activities. Please, do NOT pay this fine!

In addition, scammers started to release versions for iPhone users, so we have also prepared a guide on how to remove the virus from iOS devices.

If your Android phone was blocked, you should follow these steps. The following directions also explain how to get rid of FBI virus on the tablet. 

Instructions on how to remove FBI virus from Android

1. Reboot your Android device into Safe Mode:

  1. Find the power button and press it for a couple of seconds until you see a menu. Tap the Power off.
  2. Once you see a dialog window that offers you to reboot your Android to Safe Mode, select this option and OK.

If this failed to work for you, just turn off your device and then turn it on. Once it becomes active, try pressing and holding Menu, Volume Down, Volume Up or Volume Down and Volume Up together to see Safe Mode.

2. Uninstall malicious app (FBI Android virus may hide under BaDoink, Video Player, Network Driver System, Video Render, ScarePakage and other suspicious names):

  1. When in Safe Mode, go to Settings. Once there, click on Apps or Application manager (this may differ depending on your device).
  2. Here, look for the previously mentioned malicious app(s) and uninstall all of them.

If this failed, enter a random, 15 digit length, code of imaginary MoneyPak express Packed voucher that is asked by FBI android virus or follow these steps:

  1. Go to Settings -> Security. Here, select Device administrators.
  2. Here, look for the previously mentioned malicious app(s) and uncheck it
  3. In order to finish the removal of FBI Android virus, select Deactivate and OK.

Remove FBI virus from iPhone or iPad

FBI virus on iPhone? Not a problem. If you encountered a fake police warning on iPhone, follow these instructions to clean your device:

  1. Go to Settings. Here, find Safari app and tap on it.
  2. Scroll to the bottom of Safari settings panel and tap Advanced.
  3. Select Website Data, then scroll to the bottom again and select Remove All Website Data.
  4. Tap again to confirm the removal of website data. Your iPhone or tablet should be FBI virus-free.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove FBI virus, follow these steps:

Remove FBI using Safe Mode with Networking

If FBI virus infected your Windows OS, you can unlock your computer with the help of methods that are given below. If they do not help you, try rebooting your PC to Safe Mode with Networking (see instructions with explanatory screenshots below).

  • Users infected with the FBI virus are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable of launching the anti-malware program.
  • Try to deny the Flash to make your ransomware stop. In order to disable the Flash, go to Macromedia support page and select Deny: See how to do it here. After doing that, run a full system scan with anti-malware program.

Manual FBI virus removal:

  1. Reboot your infected PC to “Safe mode with command prompt” to disable FBI virus (this should be working with all versions of this threat);
  2. Run Regedit;
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe;
  4. Search the registry for these files you have written down and delete the registry keys referencing the files;
  5. Reboot and run a full system scan with updated ReimageIntego to remove remaining files.

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove FBI

    Log in to your infected account and start the browser. Download ReimageIntego or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete FBI removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove FBI using System Restore

To disable FBI virus, you can use System Restore method as well. For that, you need to follow these steps:

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of FBI. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with ReimageIntego and make sure that FBI removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from FBI and other ransomwares, use a reputable anti-spyware, such as ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes

Stream videos without limitations, no matter where you are

There are multiple parties that could find out almost anything about you by checking your online activity. While this is highly unlikely, advertisers and tech companies are constantly tracking you online. The first step to privacy should be a secure browser that focuses on tracker reduction to a minimum.

Even if you employ a secure browser, you will not be able to access websites that are restricted due to local government laws or other reasons. In other words, you may not be able to stream Disney+ or US-based Netflix in some countries. To bypass these restrictions, you can employ a powerful Private Internet Access VPN, which provides dedicated servers for torrenting and streaming, not slowing you down in the process.

Data backups are important – recover your lost files

Ransomware is one of the biggest threats to personal data. Once it is executed on a machine, it launches a sophisticated encryption algorithm that locks all your files, although it does not destroy them. The most common misconception is that anti-malware software can return files to their previous states. This is not true, however, and data remains locked after the malicious payload is deleted.

While regular data backups are the only secure method to recover your files after a ransomware attack, tools such as Data Recovery Pro can also be effective and restore at least some of your lost data.

About the author
Linas Kiguolis
Linas Kiguolis - Expert in social media

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Linas Kiguolis
About the company Esolutions

Removal guides in other languages

  1. Jim says:
    June 24th, 2012 at 6:48 pm

    I had this and found it in the start menu. I WENT INTO SAFE MODE ANF REMOVED. Now its booting up and working fine.

  2. Jack says:
    July 15th, 2012 at 5:38 pm

    Whats it called?

  3. Not PC Savy But... says:
    November 13th, 2012 at 3:53 pm

    I tried Malwarebytes and, after a full scan of 90 mins. and a reboot, I found it to worketh not! Arrrggghhh. I got rid of the beast, however, by doing something remarkably simple. I booted in safe mode with internet and then went to Guest user. From there, I simply used the system restore to a couple of days ago. Voila! No money spent, no code, no nothing. Back in the saddle I am.

  4. macq says:
    November 27th, 2012 at 1:20 pm

    how do you restore your computer to a previous date using windows 7?

  5. charlse says:
    March 3rd, 2013 at 8:43 pm

    all you need to do is higt f8 as soon as you turn your computer on keep hitting it tell you see a black screen saying boot in safe mode ect. use your arrow keys to higlight repare system it will load into it and then pick system restore to a recovery point of your choise 🙂

  6. Jay says:
    November 28th, 2012 at 8:09 am

    If it helps anyone I removed the virus doing the following:
    1. I shut down the computer
    2. disconected the internet connection
    3. downloaded Malwarebytes on another CPU to a thumb drive
    4. Re-booted the infected CPU
    5. downloaded Malwarebytes from thumb drive (warning voice was still playing in the background)
    6. install Malwarebytes
    7. run Malwarebytes (quick scan)
    8. prompted by Malwarebytes to re-boot
    9. virus gone.

    Hope this helps someone.

  7. ajapierce says:
    September 5th, 2013 at 9:36 pm


    Here is the technique that i have been successful with, without having to re-install windows.

    Im not sure what version of Windows, but it seems to work better on the slower operating systems like Vista, Windows 7 and Windows 8.

    If you Ctrl-Alt-Delete to get the home screen, use the “Logoff” function. As it is trying to logoff, hit cancel (to cancel the logoff process) once the FBI virus screen is gone.

    After you do this, you should be able to get back to your desktop and work like normal, however this is the time that you should be using Malwarebytes (the free version) to find and remove the files. There are file components and registry entries, sometimes the “explorer:run” key will have the virus there as well.

    Another program that is also useful is “TDSKiller.exe”, it is only for RootKit viruss, but sometimes the FBI virus comes with one.

    I have had a lot of success using this tactic, but please download Malwarebytes to a USB memory stick from another computer and run it on your machine, the FBI virus will block downloads of programs that will help remove it.

  8. Greg says:
    July 2nd, 2012 at 9:37 pm

    After rebooting my computer, I constantly clicked my Monzilla Firefox icon and got it to open ahead of the FBI malware. I did a system restore to a date that preceded the attack and everything has been operating fine since then. Nasty little virus go-go away.

  9. Rick says:
    July 4th, 2012 at 3:14 pm

    I downloaded the trial version of malwarebytes. It scanned my comp, and removed the virus successfully.

  10. Chrism says:
    September 14th, 2012 at 11:47 am

    I did the same thing, but I did NOT buy the software, and guess what? Its back, I will be buying the program this time you can bet.

  11. Not PC Savy But... says:
    November 13th, 2012 at 3:56 pm

    Dont spend the money unnecessarily. Use system restore. See the comments above. It works perfectly and its free.

  12. Strange but works says:
    July 5th, 2012 at 9:45 pm

    just throwing this out their. I downloaded pinnaclegamerprofile or something for game controllers on pc…point is it somehow intersects it. you must logoff and then cancel the logoff because the pinnaclegamerprofile gets stuck; and it actually gets rid of it, well for now until you take action. point is if you cant get rid of it, download that program it helps, but youll still see it upon every boot up

  13. GS says:
    July 9th, 2012 at 4:56 pm

    Free version of malwarebytes did it for me too.

  14. michael Walling says:
    July 30th, 2012 at 4:31 pm

    It has changed….now unable to bypass it in safe mode. Also the comouter infected did not have and admin password on it before infection…now it does and therefore cannot use somfunctions needed to delete virus

  15. mike says:
    March 5th, 2013 at 8:29 pm

    Yes mike it did change. When i go into safe mode the computer reboots itself and goes into back into regular mode were the virious takes over. It doesnt give me a chance to run malewarebytes before it reboots. Any suggestions?

  16. Sam says:
    May 5th, 2013 at 6:01 pm

    Same here reboots to the normal and I only have one account. Weird though i had chrome running in the back ground so when I hurried to log off it said this application is still running would you like to force quite. I said no and my comp was back to normal so I ran Microsoft security essentials and nervously went to bed. But my computer went to sleep which basically reset the virus and here I am. Will this actually do anything to my files by the way?

  17. jrfrye1 says:
    June 9th, 2013 at 10:15 pm

    ctrl alt del, Run Task manager. New process. windows system32control.exe control panel run system restore from control panel

  18. Goldie says:
    June 16th, 2013 at 4:03 pm

    My niece has gotten this in the past week on her laptop. I hit ctl alt del but when i click on task manager it goes back to virus….

  19. Jeanne says:
    August 4th, 2012 at 7:48 pm

    Malwarebytes worked for me

  20. scott says:
    August 6th, 2012 at 10:00 pm

    ctrl+alt+delete, log off, wait until it closes the “Virus” then scaned with my anti-virus, took it off.

  21. maureen says:
    August 10th, 2012 at 8:24 am

    So, this happened while my husbad was on the computer and they did a visus scan and a reboot scan and the virus is still on the computer and completely locked up. I cannot access SafeMode so now not sure what to do! I can load that SpyHunter onto a CD or USB, but I cannot get to the program to run it. The computer only shows icons, cannot open Start, cannot go into an icon, cannot go onto the web….nothing! Help!!

  22. Mike says:
    October 7th, 2012 at 7:59 am

    Point of inormation.
    1) When you try to access the computer, DO NOT CONNECT TO THE INTERNET.
    2) If you are connected, do a contol alt delete to bring up the option menu- You cannot start taskmanager so hit the logout key.
    3)When you get back to a non-connected computer, do a search for all files with the date that you think the system was infected i.e. 10/01/2012
    4) On my compuer, it brought up 2 items
    programs: ctfmon
    files: 12986228.dll

    5) Right click and open properties—-go to security settings and click on the edit key— change “allow” to “deny” for all boxes. Then press “Apply”

    There should also be a file that comes up when you search for the date in step 4—- repeat step 5 for this file also. If you go to details on the dll, the language is Russian and the A*Holes actually show a copyright.
    Then Restart your computer. and reconnect to the web.
    For me, this gave me access and now Im going to run the malware programs that are listed above.
    Point of information- I was running 2012 TrendMicro Titanium and it failed. It even said it stoped an attack on 10/01/2012 (which is how I knew the date to search fo)
    Last time I use trendMicro

  23. Lucas says:
    October 16th, 2012 at 8:03 am

    It worked, thank you

  24. Christina says:
    November 19th, 2012 at 10:29 am

    I have found a way to get to the internet through the “favorites” page. It allows me to use the computer but the problem still exists. Toshiba support wants me to wipe it clean to factory new. I am considering it.

  25. BILL BOBOB says:
    September 18th, 2013 at 1:03 pm


  26. harry says:
    August 14th, 2012 at 5:00 pm

    it really work in less than 15 min.

  27. Chuck says:
    August 28th, 2012 at 12:20 pm

    An updated version of Malwarebytes running in Safe Mode will find, isolate and destroy the FBI virus. It has to be run in the “Full Scan” mode though. Then reboot as normal and you should be okay.

  28. Alexandre says:
    September 19th, 2012 at 4:26 pm

    I just boot and after entering on windows press Ctrl …Alt…Del comes up the task manager window, 2 our 3 second s later the FBI warning starts and you will see on the task manager the ename of the file…after that press the power button till power off, start and boot again press F8 and boot from command prompt, search for the file ……….windows dir *.exe ,you will see all the execs files ….search for yours and delete.

  29. Meme says:
    September 24th, 2012 at 12:54 am

    I downloaded the trial version of malwarebytes, updated it. started in safe mode, It scanned my comp. Did not remove virus -Help

  30. Dominic says:
    September 24th, 2012 at 2:03 pm

    Just fixed my dads laptop after he got infected wit his virus.
    Use the free version of Malwarebytes, update the virus definitions and do a full scan.
    Also make sure you run the scan while the computer is in safe mode.
    Hope this helps.

  31. Anthony says:
    September 25th, 2012 at 5:42 pm

    Hi, recently been affected by the virus. I tried Malware did not work! What did was pressing F8 during startup of system so i can see the Safe Mode Options, click Repair the system, and do a system restore well before the attack happened. Been fine since….

  32. sanju says:
    September 26th, 2012 at 3:21 pm

    safemode with networking and download malwarebites and then run the files deleate the virus issue fixed..

  33. Joe says:
    September 27th, 2012 at 2:20 am

    Ctrl Alt Del to switch users to someone else on that computer who has admin. rights. Google ComboFix.exe and download it. Run it and if it asks for an update let it update, so you have the most recent version. Let it run, sometimes is doesnt seem like it is doing anything, but it will pop up a few windows. It will then run a scan, which takes about 10 to 15 mins, it will pop up a log of information for you, which it will also save for you. It will need to reboot your system, and then you should be fine.

  34. Adam says:
    September 27th, 2012 at 10:04 am

    Got it yesterday and downloaded the malwarebytes and it couldnt find the virus…. I think its changed names… I had to do a system restore to a previous point…

  35. Kate says:
    November 10th, 2012 at 5:13 pm

    This thing is really tricky and I ended up having to do a system re-set since malwarebytes and AVG did not do the trick.

  36. pissedatmalware says:
    September 29th, 2012 at 9:41 am

    Thanks Greg!!! I ran a Staten recover add it is working fine! Im now downloading spyhunter as I type, I dont need any future isses.

  37. yafet says:
    September 30th, 2012 at 9:55 am

    i really need help i went into safe-mode downloaded malware-bytes and it scaneed my computer it said their was 2 viruses i removed them but now when i get out of safe mode then the fbi warning virus still pops up. i called a fix ur computer place and they told me that the virus was in my network files so their is nothing i can do. is he right or is he just trying to take my money. also he said that if i restore my computer nothing will happen i really need help ASAP!!!!!!!!!!!!

  38. Mike says:
    October 7th, 2012 at 8:07 am

    See my comment for Maureen 8/10/12 above for a workaround. It gave me back control to go back on the web and download the malware removal programs. My computer was not accessed for a week, hence it was easy to see that some Russian Aholes loaded a program on 10/01/2012. Hope this helps

  39. Sharon says:
    September 30th, 2012 at 4:38 pm

    I downloaded multiple programs in safe mode to try to remove this virus – Norton, AVG, Lavasoft, Windows Defender… The one that worked is Malwarebytes!!!

  40. nick says:
    October 1st, 2012 at 12:54 am

    I nad malewarebytes trial already on my computer. I updated it and ran it in safe mode. It found 3 infections and i figured my computer was cleaned. When I rebooted the system the FBI screen locked up the computer again. What should I do now?

  41. Opcode says:
    October 1st, 2012 at 12:42 pm

    Try rolling back with System Restore to some time prior to infection.

  42. Asu says:
    October 2nd, 2012 at 11:54 pm

    Hi Nick,
    Try a system restore or run the Norton Power Eraser tool in safe mode with networking. Also please try to disable unknown start-up items from msconfig.

  43. lisa says:
    October 5th, 2012 at 2:34 pm

    i just had this happen to me. i restored my computer to an early date…which happened to be this morning when i was running virus scans..and it got rid of it. thank you all the people here you helped me and im very grateful. glad to know we are all smart people also.

  44. lisa says:
    October 5th, 2012 at 2:35 pm

    i got it when i was on spotify i dont know if that means anything

  45. Frank says:
    October 5th, 2012 at 5:00 pm

    This thing seems to have my keyboard locked up until windows opens. I cant open in safe mode. So FBI comes in and locks up in about a minute. If I try to open my virus protection to scan it will not allow it to open. Any iodeas on that?

  46. Mike says:
    October 6th, 2012 at 7:28 pm

    This guy just copied botcrawls website pretty much to the tee. Funny.

  47. Anonymous says:
    October 7th, 2012 at 3:03 pm

    Whoa this website is a rip off I just looked

  48. Shawn says:
    October 9th, 2012 at 1:01 am

    If the account that is infected and not a member of the Administrators group, youre in luck. Log in with an account that is a member of the Administrators group. With this account you can backup your My Documents, Favorites, Desktop and so on. Do not backup the entire profile because this virus hides in the registery and in the hidden Applications Settings folder of the infected profile. Next, go to control panel and users. Delete the account and select delete account files as well. Then recreate the account and log into the newly created account. You can restore the files that were backed up and have your account working perfectly again. No need to play in the registery or run a long virus scan. This process should take only minutes. After this, you should have learned your lesson and tell your husband to stay off of the porn sites.

  49. Constance says:
    October 9th, 2012 at 11:53 pm

    Hey my desk top has the FBI virus. However my laptop is working just fine. How do the virus get into your computer? I mean is there something I can NOT do in order fo rmy computer to stay safe? I dont wont nor need this. PLEASE HELP!!

  50. Ace says:
    October 11th, 2012 at 8:10 am

    I removed this for a friend last night. I used Malwarebytes trial version too. However, his OS would lock up seconds after booting up. I removed the hard drive from his PC, then I attached it to my PC with a USB to SATA adapter. (It attaches to my PC like an external drive). I then did a full scan and found 4 infected files on that drive. I removed them and replaced the hard drive. I was then able to boot his PC and everything is running normal again. For users still infected, after running Malwarebytes. Make sure you are running the latest version. Also, if you can access your OS, run Windows it in diagnostics mode. (This will prevent a network connection and scan all your files). Sometimes infected files can be in restore points too. Hope this may help someone.

  51. Dennis says:
    October 11th, 2012 at 8:56 pm

    I got the fbi block, turned off pc turned back on into safe mode. Then turned off. then back on without internet on and ran AdvancedSystemCare2013 virus scan and then system restore. Been fine since.

  52. Christian says:
    October 14th, 2012 at 7:43 am

    The FBI virurs claims that I was watching porn…..witch I was not……… first I was scared.Then I saw that the FBI symble was wrong.

  53. Paul G says:
    October 15th, 2012 at 11:05 pm

    So, I got hit with this piece of crap virus. BEST WAY to get rid of it…TRUST ME…First, hopefully you have a second user on your PC . Always set up a back door sign in as ADMIN. Dont use it unless you really need to….LIKE NOW !!!! Go to the web and bring down MALWARE BYTES. Its free but it is a TRIAL VERSION. Activate it through your alternate sign on, not the user that you contracted the virus under – you wont be able to anyway because of the “FBI LOCKOUT” Run the clean up twice. I bought the ultimate for $39.00 and boy was it worth it. Once you have run the complete application you can sign on as normally do. THEN RUN IT UNDER THE USER THAT ORIGINALLY GOT STUCK UP THE BUT WITH THE VIRUS. It will clean the files that are not shared as the user that was infected. Total time to fix this once you down load Malwarebytes is about 30 minutes. SO….SCREW FBI-$200.00 By the way, I didnt mention that I have Norton 360 and Windows invader running. This virus has an awfully long and thin needle.

  54. chris says:
    October 16th, 2012 at 8:38 am

    notice everyone with a thumbs up downloaded malwarebytes lol

    dont download the BS

  55. JOe says:
    October 17th, 2012 at 10:41 pm

    I run Spybot and like it BUT it does not find the FBI virus! Im not sure why since its been around for so long!

  56. MINDY says:
    October 18th, 2012 at 10:40 am


  57. qusaimodo jones says:
    October 18th, 2012 at 10:50 am

    i got the fbi “pay me $200 thing from an abandonware site a week ago. I unpluged my laptop immediately. restarted in safe mode, ran superantispyware, and afterward used system restore. virus is gone, may have been just dumb luck, but that worked for me

  58. Steve-O says:
    October 18th, 2012 at 2:25 pm

    The easiest way to get rid of this crap is to start in Safe Mode with Networking. Once there, launch your internet browser, google search for the malwarebytes anti malware. Download the FREE antivirus. It takes a bit to get downloaded. Launch the Malwarebytes program and let it run, this will kill the sucker. then restart your computer. Once in normal mode, do the malwarebytes scan again, it might well find one more bug that got missed in safe mode. No idea why that is. After that, you should be golden.

  59. DougB says:
    October 19th, 2012 at 2:28 pm

    I have malwarebytes Anti-Malware. I disconected from the internet, ran the program, and it found the three viruses. I deleted them, and that was it.

    If you dont have Malwarebytes, try what you have. Just make sure you are off the internet, or you wont be able to get to it.

    You might be able to downlaod Malwarebytes to a disc, then use on your computer offline, but, I dont know for sure. Good luck.

  60. 2spyware says:
    October 24th, 2012 at 4:08 pm

    If you visited this website you did so by mistake. 2-spyware has only negative reviews, links may lead to malware on this site so dont click anything. report this website if you accidentally visited it.

  61. rajesh says:
    October 26th, 2012 at 7:42 am

    Its worked.. thanks a lot..

  62. Marty says:
    October 26th, 2012 at 9:24 pm

    So how do I get to safe mode

  63. EWJ says:
    October 30th, 2012 at 6:01 am

    Press F8 while windows is starting up!

  64. 2-shittysite says:
    October 30th, 2012 at 4:54 pm

    What a shitty site. This site is so spammy and shitty even Google dropped them in search results.

  65. jimmyg says:
    November 5th, 2012 at 8:54 am

    I was able to get my computer back from FBI by booting up in a safe mode and going through the system restore procedure, choosing a date prior to the infection. I still need to remove the virus.

  66. bochiecole says:
    November 8th, 2012 at 3:25 pm

    google COMBOFIX, run it in safe mode and you should be good.

  67. A. says:
    November 9th, 2012 at 2:13 pm

    This virus was a joke. What i did was went into my configuration at the loading scrren and disabled all remote use of this computer, then went in safemode and ran malware bytes. It seems to be gone now, it was imbedded in my adobe acrobat files, and everytime it tried to update it would freeze my comp wit the fbi warning, but anyway its gone, its a scam and it is mildly easy to get rid of it so dont fear, it took me all night to figure it out, what without any internet

  68. Lisa says:
    November 9th, 2012 at 6:34 pm

    I dont know if I just got lucky here or what. My computer was locked up with the FBI warning screen so I simply rebooted with ctrl-alt-del and opened Malwarebytes as fast as I could. It then locked up on me right after clicking it but when I hit ctrl-alt-del again I had a warning that I could not shut down yet due to Malwarebytes. So I went back to the desktop and lo and behold I was able to update Malwarebytes, run a scan, and obliterate 4 little buggers. Ive had to combat much harder trojans and virus so to me this one is just like the post above mine describes “a joke”. *One word of caution is dont always believe solutions you google because they are often instructions to root the virus/trojan even further.*

    Of course you would need to have Malwarebytes installed already so Im sorry for the piss poor solution. I just hope my time spent here leaving this comment can help someone in the future. For good measure Id always keep Malwarebytes on any computer I owned or worked with just for when the day comes you need it to save your ass. It has served me greatly many times and Id recommend it 100 times over.

  69. Debbie says:
    November 10th, 2012 at 10:01 pm

    I had the FBI virus, removed it with malware but all my files have been changed to a block extension. I downloaded two different file extension “fixes” but they didnt work. Any suggestions?

  70. Patrick says:
    November 12th, 2012 at 11:59 pm

    Running safemode, tried delete commands, etc. through cmd prompt … “This command is not recognized as an internal or external command, operable program or batch file.” White screened. These files are the newest on my PC: MRT.exe, perfc009.dat, perfh009.dat, PerfStringBackup.INI

    The dates on several directories are also using current dates: . .. Config … Tasks

    I downloaded Malwarebytes onto a flash drive but cannot access the USB port. It has disabled DOS commands to change directories.

    What now?

  71. Old Man John says:
    November 13th, 2012 at 7:19 pm

    No go with scan with malwarebytes. Tried to load Spy Bot from flash drive as well as ccleaner but got ERROR sending request message. The server name or address could not be resolved. Tried in both SAFE MODE and SAFE MODE with networking. Whats with that? Also tried back dating to earlier time.

  72. Eddie says:
    November 14th, 2012 at 10:49 am

    I wasnt (and may still not be able to) boot into SAFE MODE – BSOD popped up and it went to reboot. I WAS able to reboot normally, although I had not desktop or menu bar, and starting explorer from the Task Manager seemed to triggered the virus. Task Manager itself showed nothing untoward until the virus took over. However, I WAS able to see a flashing Task Manager by holding down Ctl+Alt+Del, and I copied the name of the offending task – it had characters in it that are only available using Charmap, so I had to reboot, run it, and do a copy/paste to get it right. Another reboot and I got into RegEdit, searched for the task, and deleted it from HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Run. That also gave me the name and location of the virus itself (in my profile under Local Settings/Temp) so I could delete it, as well. Nasty reinstaller (not the worst Ive seen) that I got around by disconnecting from the internet, but as soon as Id plug in, the virus, although now crippled, still popped up. I finally downloaded Malwarebytes on another computer, put it on an SD card, and ran it. IT needed internet access, but only requested it after it had been initialized, so, although the virus popped up once I was back online, Malwarebytes was running and so located and killed the virus. No sign of it so far, but I may have to rebuild the MBR in order to get into SAFE MODE should I ever need it.

  73. Caitlin says:
    November 14th, 2012 at 4:16 pm

    I got infected with this today, just a few hours ago. I disconnected from the internet and was able to log on to another admin account on the computer that did not seem to be affected by the virus. I transferred some important documents onto the secondary account and then deleted the infected one. It looks like the virus is completely gone, but is it really? I never ran antivirus software to remove it or booted in safe mode. This seems too easy.

  74. Henry says:
    November 15th, 2012 at 6:14 pm

    this malware requires you to pay in order for it to remove the virus

  75. Jackie says:
    November 15th, 2012 at 10:04 pm

    I thought it was real!! I got rid of it 10min ago But I googled “FBI on computer” on my phone and watched a YouTube video on it it was pretty easy Any could get rid of it (Im 14)

  76. Kelz says:
    November 17th, 2012 at 1:53 pm

    You need the full version of spyhunter, the free version will tease you letting you know it found it but you have to pay for a license.

    Malwarebytes pro trial version is your best bet or combofix. Use either one in safe mode.

  77. Hermes says:
    November 17th, 2012 at 3:54 pm

    My computer got infested recently with this nasty FBI ransom malware, I managed to run Malwarebytes when I rebooted my computer for 2nd o 3rd dont really know how many times , It was impossible to restart in Safe Mode with internet or any other Mode, it kept looping back to “start computer normally” so before the virus took over I hit the Malwarebytes launch Icon, it gives you a time window of about a 2 to 3 secs. Iam not a computer expert, maybe lucky, I was so piss off that I was doing any thing. But guess what, it worked, wooohooo. I clicked yes on the update window, Malwarebytes updated itself, and full scan of my computer, detected 3 ransom or fake FBI virus and GONE, FINITO, BYE.

  78. Danielle says:
    November 17th, 2012 at 5:40 pm

    I am trying but my computer does not even reboot in safe mode with networking nor safe mode with prompt command. What other choices do I have?

  79. albert123 says:
    March 31st, 2013 at 6:26 pm

    I could get my XP notebook PC into Save Mode or Save Mode with Internet.
    Upon clicking , an error message appears.
    Following is lost or damaged, can not start Window

    It also prompted me to “reload” the original OS CD.
    please help since I lost the original OS CD. Thanks

  80. DEE HUTCH says:
    November 18th, 2012 at 7:14 pm

    F8 to enter Safe Mode with Networking and ran Malwarebytes Anti-Malware software which was already on my infected computer. Seemed to have worked

  81. David says:
    November 18th, 2012 at 7:32 pm

    do the following steps:
    1. do system restore form the safe mode.
    2. use spy hunter in safe mode.
    3. use malwarebyte in safe mode.
    4. reboot your system in normal mode.

    you will never get back again this fbi virus…..

  82. Michael says:
    November 19th, 2012 at 2:20 pm

    I tried to start up in safe mode and it changed something in my bios that wouldnt allow me to do so. So I disabled my wireless and it stopped it from launching. Then I downloaded a couple of programs that took it off.

  83. Terry says:
    November 19th, 2012 at 7:49 pm

    Heres what fixed mine (no anti-spyware involved):

    1. Go to HKLUSoftwareMicrosoftWindowsCurrentVersionRun and look for the [random}.exe
    2. Delete value in key
    3. Go to location that the [random].exe was pointing to (mine was in the root of C:UsersInfectedProfile)
    4. Delete File(s)
    5. Reboot

    After login back in, I did run CrapCleaner and MalwareBytes and found the usual suspects of Malware, but the FBI virus has disappeared.

  84. Terry says:
    November 19th, 2012 at 7:50 pm

    FYI, that was all done in Safe Mode

  85. 5150 says:
    November 21st, 2012 at 9:15 am

    I removed the virus with combofix in safe mode but it left a .block extension and now I cant open any files. HELP!!

  86. ron says:
    November 23rd, 2012 at 2:00 pm

    how do i open the computer in safe mode? this is such a mess.

  87. BMW says:
    November 25th, 2012 at 12:52 am

    U can open your pc in safe mode by powering down, then when powering back up, constantly tap the F8 key untiil the safe black safe mode screen is visible. Use the up and down arrow keys to place a highlight on “safe mode and networking”

  88. Mauricio says:
    November 26th, 2012 at 6:37 am

    I used malwarebytes to remove it , and is for free..

  89. bob says:
    November 26th, 2012 at 3:42 pm

    I did got rid of it the easy way. I paid $ 200 and its gone.

  90. Rog says:
    April 4th, 2013 at 8:45 am

    You want us to believe YOU ARE STUPID but we think you need to brush up your english skills.

  91. VirusVictim007 says:
    November 26th, 2012 at 7:16 pm


    Sharing with you my successful removal of the FBI virus.

    While out of town my daughter informed that while playing fairies her computer went blank screen with sound.

    It turned out to be the FBI virus.

    Her computer is a Dell Windows 7 laptop running Norton Antivirus 360.

    To my surprise Norton did not catch it.

    This is one nasty virus.

    I tried all the techniques related to navigating and deleting files in the roaming or local folders.
    Also, tried the restore method several times, but the virus was preventing the restore to complete successfully.
    Next, I downloaded the It found two infections. I thought I was done but it did not work, the virus figured how to survive without those files.
    Next, I downloaded Malware bytes. It found another two infections. But then again, the virus found a way to survive without those files.
    I called Norton, GeekSquad etc. they wanted $100 to $200 to guide me over the phone on how to remove the virus.

    At this point, I had spent more than 8 hours loading and rebooting and wondering what else to do.

    A long time ago, I downloaded Avira Antivirus. It detected viruses Norton and McAffee could not detect.
    Currently paying for Norton. We use it at work and I use it at home.

    On another computer, I downloaded the Avira bootable rescue product for FREE.

    In addition, I downloaded Unetbooth.

    Unetbooth is used to “burn” a USB memory Stick as a DVD bootable drive.

    You download the ISO image onto your desktop and use Unetbooth to select the avira ISO file and the location where you inserted a USB Memory stick.
    It will format the USB Memory Stick with the Avira ISO bootable image.

    I inserted the Memory stick into the infected Laptop and restarted it. The laptop had already the booth sequence checking he USB drive first.

    It loads Linux and runs the antivirus. I clicked update to get the latest signatures and clicked on configuration to select delete file when unable to repair.

    After over two hours, the Avira rescue system found 14 infected files! Ranging from java, gif, exe. Just wondering why the other antivirus could not detect them!

    It could not delete some of the files. Indicating “archive scan abort”.
    I restarted my laptop in Safe mode and delete those files manually (3 of them).

    Then I restarted the laptop normally.

    It worked!

    I am switching to Avira. Those German guys make some good stuff.

  92. Jim says:
    November 27th, 2012 at 10:38 am

    I tried Dell, they took over my computer and it got worse. now F2 or F8 gets me options, but get a blue screen that says windows not usable, dell is sending a new disk and will talk me through install and try to backup my current files. anybody else have such problems? cost me $129 so far…

  93. landon says:
    November 27th, 2012 at 1:57 pm

    if you can get the task manager up and running, kill the explorer.exe process tree and then re-run explorer.exe and you should be able to work your computer to find what the virus has renamed itself to

  94. Jim says:
    November 27th, 2012 at 2:17 pm

    i get nothing. restart and hit F2 or F8 and I get the options of safe mode, etc., but when selecting anything it just locks up with an error message. tried disconnecting from the internet, just cant get anything at all to work. thanks though

  95. PORNHUB = says:
    November 28th, 2012 at 4:59 am

    can any one tell to me…. what does person write in 2 min and 6 sec in vidio ( in run) ??????????? plzzz

  96. Elaine says:
    November 28th, 2012 at 5:22 pm

    Thank you so much, this was the best answer. I would suggest to everyone.

  97. xslice says:
    November 28th, 2012 at 9:55 pm

    Download combofix. It will get rid of the virus. Has worked twice for me on XP.

  98. H B says:
    November 29th, 2012 at 4:07 pm

    shutdown the infected machine, go to a different clean PC, download malwarebytes on a flash drive. disconnect the internet connection from the back of the infected machine. insert the flash drive with malwarebytes then power up the infected machine without a internet connection. the FBI virus depends on a connection to take control of the computer. once infected machine boots up in normal mode, save the malwarebytes to the desktop from the flashdrive.
    once on desktop, right click and intall and run a full scan of the machine. Malewarebytes will find 3 files, one file shuts down automatic updates the the 2 other files run the FBI screen block. once malwarebytes is done, delete the 3 trojan viruses and restart the computer. upon restart connect the internet and get a full update of malwarebytes and run full scan again. this should eliminate the virus. has worked for me on a XP machine and have used to maintaine many other computers. Once a computer has malware you have to disconnect the internet connection and download malwarebytes to flash drive from a different computer and run on disconnect PC to get rid of all maleware, then determine if there is registrey damage. If registrey is damaged you will need to reload the operating system. Best of luck to all, Best Regards, The PC Guru

  99. JWPCPlusMore says:
    November 29th, 2012 at 10:42 pm

    Hello I am a PC Tech and encountered a new strain of this FBI virus, has white screen with FBI logo demanding $200 to unlock. As stated above as soon as PC boots into windows pop-up comes up with no access to any programs as TASKMAN.exe is blocked and window will not close via alt-f4 or tab either. This new variation however also infected and disabled ALL SAFE MODES with or without networking including MS-DOS prompt upon attempting to use f8 and selecting any choice PC loads about 20 files and Blue Screens and restarts no matter which option is selected. So upon learning this new info any attempt fails for safe mode so I pulled hard drive and ran via usb adapter on another PC and had full access to files. First tried Malwarebytes in regular OS found 2 trojans removed and restarted rebooted in original pc and still infected. Next I tried several more times with malwarebytes in safe mode and then avast, and finally avast boot scan. Scanners always find new Trojans and cannot remove. Finally I tried to manually remove registry settings above as well as manually deleting file libraries listed above and anything looking suspect. Upon rebooting still infected. Ultimately had to use customer restore cd and re-format PC after exhausting any and all alternative avenues, After system restore computer is functioning normal and scans come back clean. Beware this new variation completely locks the infected PC down including access to safe modes and obviously has new core directories and registry keys so watch out.


  100. jAMIE says:
    June 13th, 2013 at 12:36 pm

    Hi, my laptop is exactly how you described its totally locked out. Thats all i can do is restart it, safe modes are not making no difference. im no computer expert what is the best thing for me to do please?

  101. JWPCPlusMore says:
    November 29th, 2012 at 10:50 pm

    Also to those simply re-stating that virus does not open without internet connection, you are wrong virus is still active and at least in my case the page still opens just says cannot be displayed like a webpage trying to be accessed without connection. empty page still does not go away and when crtl+alt+del are pressed no dialog box or options of any kind come up including anyway to logoff or get to that function. All you get the entire time the infected machine is on is either the FBI page when connected to internet or a blank page without connection. Any and all keystrokes do not pull up anything nor does it make the page go away. Maybe a new variant either way Its nasty and all above indications do not work. When PC shuts down FBI page disappears and you can see a bunch of boxes saying taskman.exe is blocked right before it shuts down. I could not find any way to interrupt the shutdown process as this is only possible when power button is pressed on front of case.


  102. Monica says:
    November 30th, 2012 at 9:59 am

    The virus also creates scheduled tasks to reinstall itself. The process used to close regedit, taskman, etc. was running under svchost and the local account.

  103. Monica says:
    November 30th, 2012 at 10:02 am

    I used process hacker 2.8 to close the offending svchost process.

  104. freddy says:
    December 3rd, 2012 at 5:54 am

    try this .. its using your web cam right ?

    go into device manager and disable your web cam .. you can always enable it later if you want to use it . and in the future his little program wont work will it .

  105. Ryan says:
    December 6th, 2012 at 4:44 pm

    I had it and fixed it by doing a system restore

    I fixed it by force shut down of my laptop (held the power button) then when it prompted me for either loading windows normally or opening in safe mode. I clicked safe mode and let my computer load. The virus did not pop up and so i went into the start menu and in the bar that says “Search Programs and Files” i typed in “System Restore” and pressed enter. It then opened up the system restore and after i clicked the Inital “Next” I had 4 for backup dates. I picked the one from the 27th and let the system restore do its job. I am now virus free and i double checked to make sure all files were removed and none could be found or located.

  106. Bentley says:
    December 6th, 2012 at 9:14 pm

    Why has the real FBI not gone after these parasites? This is extortion and these b**tards should be arrested. I fixed this by going to safe mode and using system restore. Disconnecting the internet was the only way I could access safe mode. Good luck to anyone unfortunate to be attacked by these idiots.

  107. david says:
    December 7th, 2012 at 6:45 am

    i was able to get back to a previous date with system restore, but dies anyone know if the virus is still there?

  108. LLP says:
    December 7th, 2012 at 2:04 pm

    I saw the virus download to my computer and was unable to stop it. It was the one asking for $200. Since then, I have tried booting my computer up with both Safe Mode with Networking and Safe Mode with Command Prompt but I received a screen dump that showed an entire screen of directory folders on my hard drive and then a blue screen stating the computer must be shut down. When I start up the computer in normal mode, I am unable to access the internet. Not sure what my options are at this point? Is there any software that can be purchased that would allow me to fix this without having access to the Internet?

  109. Timmy says:
    December 10th, 2012 at 2:27 am

    Same here, its the latest version of the virus that counters every single comment that said that they removed it.

  110. Marc R says:
    December 10th, 2012 at 10:27 am

    Having another login account will help in that type issues. You can run the antivirus save.

  111. Nick C says:
    December 11th, 2012 at 6:13 pm

    How To Remove The FBI Virus In Ten Minutes — Five Easy Steps (This works with any variant or version of the FBI Virus or FBI Moneypak Virus) —

    Step One (1) — UNPLUG YOUR NETWORK CABLE FROM YOUR PC (or temporarily disable your wireless connection) after powering down your PC. THIS IS THE KEY STEP, since the FBI popup window the virus uses to lock up your PC cannot activate without an online connection.

    Step Two (2) — Power up your PC with the network still disabled, and boot to Windows as usual. Ignore any warnings about loss of internet/network connection.

    Step Three (3) — Go to the “System Restore” utility that comes with every Windows PC (In my Win XP system, it was under “Start”, then “Programs”, then “Accessories”, then “System Tools”, then “System Restore”).

    Step Four (4) — In the “System Restore” utility, select “Restore My Computer To An Earlier Time”, then click “Next”. On the next screen, select the “System Checkpoint” for the day before the virus showed up on your PC. If you are not sure when the virus first showed up, select a date that is several days before you first noticed the virus. (NOTE: The PC automatically creates at least one “System Checkpoint” per calendar day.) Click Next, then click next again to confirm your selected “Restore Point”. This will delete anything that was added or altered on your PC after the selected “Restore Point”, INCLUDING ANY TRACE OF THE VIRUS!!

    Step Five (5) — As the System Restore utility reboots your PC, plug your network cable back into your PC (or restore your wireless connection). Your PC should then reboot and begin functioning as usual.

  112. chris says:
    December 20th, 2012 at 8:24 am

    This doesnt work. I went back to a restore point and its still there.

  113. Tommy says:
    December 13th, 2012 at 11:28 pm

    Got the virus yesterday. Computer was locked so I went to safe mode and ran Malewarebytes, Superantispyware and Mcafee scans. The virus still remained so I did a system restore and the problem was solved. Sometimes these viruses lock the safe mode and I use Iyogi techs to get them out.
    Hope this helps.

  114. Robert says:
    December 14th, 2012 at 3:43 pm

    My neighbor has gotten infected by this virus. But my question, is how can you download the program, if the virus wont let you connect to the interenet. I downloaded your app, to a floppy drive to usb port. Since his cd rom drive is malfunctioning. I tried the floppy for him, and it recognized the spyhunter app download, but again, how can you download the program if the virus wont let you connect to the internet. You need to create a disk, or floppy that can remove the virus. He has a Windows XP.

  115. eesparky says:
    December 16th, 2012 at 8:20 pm

    System restore works just fine.

  116. genius says:
    December 18th, 2012 at 2:04 pm

    yes it all sounds nice and well, but what would everyone of you do if fbi virus would block your computer in the safe mode and you wouldnt be able to run anything. then what?

  117. brandi says:
    December 5th, 2013 at 10:37 pm

    This just happened to me. Its a pain in the butt and I couldnt use safe mode networking or safe mode with command prompt. Heres what I did. When you computer shows the safe mode options, at the top there is another option and it is repair computer or repair system. Click on it and follow the directions. Pretty easy and takes maybe three minutes.

  118. Jeff says:
    December 23rd, 2012 at 6:07 pm

    Went to windows menu and typed files in the search bar. then clicked on restore system files and settings from a restore point. did it that way and found it to LITERALLY be the EASIEST and QUICKEST way to remove this nasty mofo. working great so far!

  119. dude says:
    December 23rd, 2012 at 6:54 pm

    FBI virus. No1 has explained to us that cant safe mode our systems. My system just keeps rebooting. It goes it the f8 screen after trying to enter any safe mode. Please help.

  120. saved! says:
    December 27th, 2012 at 12:29 pm

    everyone who said anything about system restore, T H A N K Y O U!!!!! worked like a charm!

  121. Tyler says:
    December 29th, 2012 at 7:08 am

    Tryed unhooking the network, tryed each safe mode and no matter what i try it, the damn thing pops up before the desktop is able to load fully, control alt delete never worked.

    Please help 🙁

  122. ems says:
    December 30th, 2012 at 2:19 pm

    Turn on my cmputer n press f8… went to system security n did a system restore and was able to remove the virus. 🙂

  123. Mike says:
    December 31st, 2012 at 11:03 am

    If I attempt a system restore will everything that is currently on my pc be deleted?

  124. Chris says:
    January 3rd, 2013 at 6:42 pm

    this is the third time I have gotten it, I pay the 200 dollars because I think the FBI will use the money to help us avoid the financial cliff.

  125. Bibhu says:
    January 10th, 2013 at 1:34 pm

    Well, Its easy how everybody mentioned that system restore and it got fixed. But my dear friends system restore is a temporary fix, what about program data, app data, registry, who is going to take care of those?

    Easy way to remove FBI or so as to any Malwares (When you havent done anything stupid)

    1. Shutdown the PC
    2. F8 – Advance windows Options- Choose Safe mode with networking
    3. Ignore anything pops up… launch IE or go to ftp to download mozilla firefox (
    4. Download Malwarebytes, Super antispyware, trojan remover, hitman pro
    5. Install and run the scans
    6. Launch msconfig look for alphanumeric entry or anything which looks weird, now launch registry (regedit) as could get the entry, right click on the entry and delete it.
    7. By now all the applications downloaded and installed should have detected the infections, delete.
    8. Boot your PC to normal mode.
    9. All Above the rest…. It may happen that integrity and attributes of the windows files are changed.
    10. You may try to do perform to do repair install getting into recovery console if you have the OS disc or you may contact your respective manufacturer.

    Its foolish to pay the scammers… innocent people open your eyes.

  126. Tomo says:
    January 11th, 2013 at 3:23 pm

    System restore did it for me. Safe Mode>Control Panel>Security>Restore Computer to a previous time

  127. neqbaby says:
    January 16th, 2013 at 9:07 am

    Im in safe mode i need help with thereboot

  128. neqbaby says:
    January 16th, 2013 at 9:23 am

    Some one please help

  129. Jaguar says:
    January 17th, 2013 at 2:13 am

    This is what I have done twice.

    Switch user to other account (if you have one, needs to be admin) and system restore.

  130. Gabe says:
    January 17th, 2013 at 5:14 pm

    Used malwarebytes and works great computer back to normal

  131. Bryan says:
    January 18th, 2013 at 10:53 am

    What a bitch…. Took up 4 hours of my day! Finally loaded SpyHunter 4 and it got rid of it. Hopefully for good.

    I always wonder if people are actually stupid enough to pay people on these scams though….

  132. Mike says:
    January 22nd, 2013 at 12:58 am

    System restore works perfectly. I have not notice anything differant from before

  133. andy says:
    January 22nd, 2013 at 7:46 am

    I paid the money and the stupid FBI didnt unlock my computer.!! Im going to write my congressman and give him a piece of my mind.

  134. General Drake says:
    January 24th, 2013 at 2:47 am

    ***FOR THOSE WHO CANNOT GET INTO SAFE MODE READ THIS*** Boot in safe mode WITH COMMAND PROMPT. Type rstrui.exe which will do a system Restore. Then repeat the process into safe with command prompt—Then type exit and the command prompt will exit. Immediately hit ctrl-alt-del to bring up task manager. From there you can hit file- New task run- and then BROWSE for Malwarebytes…then check the box that says Create this task with Administer privileges. This will allow you to boot in to SAFE MODE as you could not before. Run Microsoft Security Essentials and SpyHunter to finish.

  135. Gregory says:
    January 25th, 2013 at 10:26 am

    I would not have been able to fix without another computer to get helpful info. If you are reading this off another computer, these are the steps I took to fix the problem. Be patient and do all the steps.
    1. First, copy and print these instructions into a Word document and print out, or make sure you stay on this page and dont leave until finished.
    2. Disconnect your internet connection. Very important.
    3. Turn off infected computer and boot up. While booting up, continue hitting F8 key to get to Safe mode. Choose Repair Computer option.
    4. You are then going to do a System Restore at previous point. Go back to a previous point that you feel the computer was fine. I had to do this a couple of times to earlier dates, because it said it wasnt able to do it. IMPORTANT: It said that it wasnt able to do it, but continue on. It will still work.
    5. Re-start computer and you should be in Safe Mode. Remember, you are still not connected to the internet.
    6. VERY IMPORTANT!!! Now go to My Computer and open up System Properties, and then Remote Settings and then un-check the Remote Assistance, hit Apply, OK This is why you are unable to get online, because this box is checked.
    7. Now plug your internet connection back in after you unchecked the Remote Assistance from the previous step.
    8. Reboot and you should now be able to get online. You are not done yet because the Trojan virus is still on your computer.
    9. Go to Control Panel, Uninstall programs, highlight Java if you have it and uninstall. Get Java off your computer. This can be a problem.
    10. I used to use AVG Security but that started giving me problems. I went online and installed the free version of Microsoft Security Essentials (free download). Make sure you uninstall any prior virus protection before installing new virus protection.
    11. Whatever virus protection you are using, run a quick scan. There is a good chance it will pick up the virus. Get rid of any quarrantined viruses that your scan picks up.
    12. This is also VERY IMPORTANT! Next, go to and download the free version of this. This picked up one more of the Trojan virus that was left on my computer. I did some research before I downloaded Malwarebytes software and felt comfortable with doing this. I am not trying to have anyone download anything bad or any viruses. I am unemployed and could not afford to pay someone like Geek Squad to fix this. This worked for me and I hope it will help others. This took me about an hour and a half doing the downloads and figuring how to get to Safe mode. My computer is now fixed and running well. I will now be using Malwarebytes to help prevent this form of bad virusus from infecting my computer in the future. Good luck!

  136. stephen says:
    January 28th, 2013 at 5:47 pm

    I got the virus from a site called “Find A death”

  137. Rick says:
    February 13th, 2013 at 3:59 pm

    So its a virus I got that, but is it true about the whole charging yours with criminal charges and what not ? Ive best seen this virus before and Im freaking out! Someone please help

  138. dOOM says:
    February 28th, 2013 at 3:20 pm

    You can get away from the FBI virus by disconnecting your cable modem from the wall. Then use F8 to enter safe mode , F-Lock key if you need to swich so keyboards use it . Then run system restore . Fit it fast and free. Had the virus twice works everytime Cheers mate dOOm.

  139. n0rdz says:
    March 2nd, 2013 at 4:38 am

    Thank you Spotify for sending me this virus!

  140. Khan says:
    March 9th, 2013 at 12:33 am

    Way of u cant get past the FBI virus

  141. im annoyed says:
    March 9th, 2013 at 7:08 pm

    this is my second time i had it same version too the first time i just went to safe mode and took the battery out now it just wont go away

  142. Hef says:
    March 17th, 2013 at 9:50 am

    You can try all the cleaners you want the only way to get rid of it is to reload it but if you do not have it online or just unplug the Ethernet cord you can still use your computer so you can save pictures and such just DO NOT save your reg file or temp files just save what you need then reload it I have had 3 computers tried everything manual clean is a waste of time just do the save and reload save a lot of time in the end and the customer will be happy if theres not a lot to save but to save more time go to offline updates theres a time saver for sure so Have A Nice Day!

  143. Hef says:
    March 17th, 2013 at 9:57 am

    P.S. system restore is a joke if you use this your just asking for more trouble dont use it never will unless your in it for the money its a waste of time.

  144. Rick says:
    March 21st, 2013 at 1:13 am

    I use Malwarebytes Anti-Malware its free just have to update all the time

  145. Don says:
    March 21st, 2013 at 12:35 pm

    I think the scammers must be reading all the “fix-it” posts and modifing the virus on the fly. I got the virus yesterday (03-20-2013) on an HP Pavilion a262n desktop. When I try to boot, the HP splash screen is disabled so there is no way to get to safe mode or to the BIOS utility. Even with the Internet disconnected, I cannot gain control of my computer. When I do the Ctrl-Alt-Delete on the virus page, it wont allow the Task Manager to run and it I click Logoff, it goes to the Adinistrator Login box and asks for a Password (which, of course, I dont have) and then proceeds to shutdown or go back to the virus screen.

    Has anyone else had this happen to them and, if so, were you able to get a fix?

  146. Bob says:
    April 3rd, 2013 at 8:25 pm

    Running Windows 8? search google for a “Windows 8 booy-up Password forgotten” It will help creat a CD or USB that you plug in and run during bootup. Fixed mine by resetting the password to NOT be needed. Wondering what else may be wrong though.

  147. Monkeydog says:
    March 24th, 2013 at 12:06 pm

    I have a computer say that it cant restore when in Safe Mode.

  148. Monkeydog says:
    March 24th, 2013 at 12:12 pm

    Some of these people commenting on this webpage cant write a sentence if they tried. Is this pure laziness or are they iliterate? Also if you are going give directions on how to do something please give the exact steps on how to do something. Dont just say to put Malwarebytes on a USB stick, tell us how to put an updated version on the stick. When you download Malwarebytes it goes from the Internet to your C drive, it opens, you can update it but it is not on a USB drive. How do you get it there?

  149. PennGuy says:
    March 25th, 2013 at 9:42 pm

    General Drake,
    A HUGE thanks for your solution. I could not enter Safe Mode until I read your post.
    After system restore ran the computer rebooted itself and Wiindows started properly. I was then able to run Malewarebytes which detected and removed the remaining virus.

    Thanks again!

  150. Johnny reb says:
    March 28th, 2013 at 1:52 pm

    Hey this deal just happend to me im in in the middle a massive essay and i cant get to it how do i get it to a flash drive

  151. Sandra says:
    March 28th, 2013 at 7:19 pm

    I just had this virus removed by a technician who said he hadt seen the FBI virus as sophisticated as this one on my computer. It had the green dot moneypak attached, requring $300 and a few photos in its window of porno. My screen shortly went white and only through safe mode (with another account), could I even see anything but was totally kicked out of any internet connection. The technician removed it the first time, susppecting it was gone only to have everything he removed, suddenly reappear through an arbitrary system restore that removed all fixes and brought the computer back to it being overtaken by the virus. After a second fix, he deleted all restore points and more in-depth removals and so far, so good……but who knows? He told me to never go on to any coupon sites, that theyre notorious for storing this virus in their backgrounds. Also, a lot of music and gaming sites are popular for this virus. I thought I considered myself a safe surfter and always keep my Norton Antivirus current which was another thing he told me…that Norton is far less superior to other programs and told me to consider the pay version of AVG which Ill get when my subscription with Norton is done. And one other suggestion he couldnt say enough times to me was to never download the other free malware, antispyware free programs that are notoriously imbedded with this virus?

  152. Shiruba says:
    March 30th, 2013 at 1:47 pm

    A friend of mine got infected with the just yesterday, It would automatically shut down if you booted it into safe mode….. I removed his HDD and externally connected it to my computer scanned it with malwarebytes took it right off, of course upon replacing his HDD I recommended he do another scan himself.

  153. Javier says:
    March 30th, 2013 at 10:14 pm

    Thanks everybody!!! Did a reboot and restore system to a previous date and….Boom……..Gone!!!!

  154. Raf says:
    April 30th, 2013 at 11:25 am

    my safe mode doesnt work what should i do

  155. Max says:
    May 1st, 2013 at 3:10 am

    Thanks for the advice on system restore, especially from General Drake and Gregory! I couldnt get into safe mode no matter how many times I tried. Even restoring the computer to one single point didnt work. I had to do a system restore 4 times before I could go back to a point without this annoying virus, and the last time that worked was when I went into safe mode with command prompt and typed in “rstrui.exe”. After that, windows started up normally. Thanks for the advice everyone, this saved my time!!!

  156. SSN says:
    May 9th, 2013 at 11:23 am

    I was simply working on a paper for a college class, logged in to my distance learning, and used a reference site that infected me, I guess my antivirus was weak. Fortunately I didnt lose much as I didnt have pictures or anything stored on my laptop, but I ended up having to completely start from scratch, losing anything unsaved this past month, bookmarks, etc…as no other options let me access my computer after it became infected. I tried EVERYTHING, I couldnt go to previous date fix, lets just say I tried everything, everything to outsmart the virus and I was stuck. I dont have the option of taking it in to be fixed as I dont have the cash for that. The virus took a pic of me via my webcam and added it to the warning information, ironically the same day a bot call was sent to my parents landline number requesting me by name and I dont think its coincidence. This is annoying and frustrating…if they got my pic via webcam, I am wondering if they got my personal info off my school profile as well and thats how they have my name and parents number. Stupid ransomware sucks!! The accusations were insulting!! The whole scam is insulting, these people who do this are small minded lazy people who dont want to work for an honest dollar. I am a single mother putting myself through college to make a life for me and my kids and these people live off scamming others, its criminal is what it is!!

  157. Adrian says:
    May 15th, 2013 at 3:15 pm

    After trying several removal techniques with no succes I finally found something that worked. Here are the steps:

    When confronted with the FBI locked screen press cntrl, alt, and delete simultaneously and hold until the screen turns blue with a short list.

    Click on the little red button in the corner and select restart

    Keep pressing F8 button repeatedly until you see the windows advanced option menu

    Click on repair computer

    Choose your preferred language

    Choose your administrator account and password and press “ok” to continue

    For Windows Vista or 7 click on system restore option

    At the next screen click next

    At the next screen choose a restore point before your computer was infected and choose next

    At the next screen confirm, then click finish

    Wait for system restore process to finish

    Click restart computer

    Update antivirus and run a FULL scan immediately


  158. Blue says:
    June 15th, 2013 at 12:05 am

    Thanks, Andrian. My computer is restored successfully.

  159. Bill says:
    May 15th, 2013 at 11:56 pm

    Its work for me. Thanks!!!

  160. Geokajo says:
    May 16th, 2013 at 2:19 pm

    After removing the FBI virus manually delete all restore points and manually create a new restore point.

  161. eddie says:
    May 23rd, 2013 at 6:10 pm

    Thanks adrian your method worked perfect

  162. Jeezus says:
    May 25th, 2013 at 3:29 am

    None of the methods above work for me…seems as though I got an “upgraded” version of this…any other suggestions? 🙁

  163. Jeezus says:
    May 25th, 2013 at 4:39 am

    Put Windows install/repair disk in a USB connected DVD drive. Chose to repair, restore from previous settings. Picked a point about a month before. Worked like a charm. Running HitmanPro now. Found 7 threats so far… :/ was working on finishing an action plan for teaching about anti-bullying at the community center tomorrow. Spent all night trying to fix the computer. Sigh

  164. Mata says:
    May 29th, 2013 at 6:49 am

    I never but never trust FbI or CIA
    And I did not do nothing wrong
    Only The Rats does

  165. trevor says:
    June 4th, 2013 at 1:25 am

    so i did a system restore and it didnt work any other opions?

  166. Ashley - 13 year old says:
    June 6th, 2013 at 12:39 am

    My computer has an different virus yet the same words… this didnt really help me :(. It said I had child pornography and abuse…. all I had was pictures of me and my family and my friends! How did I get this virus? Im not paying no 200 dollars for something I didnt do. Please help me…

  167. Ashley - 13 year old says:
    June 6th, 2013 at 12:45 am

    oh my goodness! I went on my laptop ( with virus on it ) and it deleted my internet explorer, firefox, and google chrome! I HAAAAAATE this! what do I do? Now it just made things worse.

  168. SAM says:
    June 6th, 2013 at 1:08 pm

    Since FBI virus is account specific. I have a better fix which needs no involvement of changing values in registry .

    1st attempt it goes to safe mode and runs scans > in a few days the issue reoccurs and will not allow booting to safe mode ,as in safe mode the system will have either the popup or the system will shut down

    What I am suggesting is:
    1. To go to safe mode with command prompt
    2. Type explorer .exe in the command prompt
    3. Click start > go to control panel > user accounts > create a admin account
    4. Restart computer and enter the new account
    5.Copy the data over and delete the new account first using the option under manage account
    6. Delete the physical folder under C:users

    Issue will be fixed

  169. Mikecorky says:
    June 11th, 2013 at 10:08 pm

    Ive had this virus and also a friend of mine had it too. Both times logging into Safe Mode then doing a system restore a few days earlier fixed the problem. My friend got it again and now it doesnt allow Safe Mode. Her pc will boot to Safe Mode but then immediately shut down.

  170. Cheriann says:
    June 12th, 2013 at 7:50 pm

    So when this happened to me, my fiancee just restarted the comp with no internet, made a new user with admin, deleted the old user, and now I can use my computer again. Does this mean the virus is fixed or…?

  171. Blue says:
    June 15th, 2013 at 12:00 am

    I am doing it right now exactly what you said. It is restoring files. Wow! It worked! My computer can restore completely. Thanks so much.

  172. Deb G says:
    June 25th, 2013 at 11:45 am

    This virus is a pain–after 4 days finally deleted it–Went to safe mode, bought Spyhunter 4 & registered it, ran scan–fixed 620 issues, including this FBI virus–money well spent. Important, because if you get it again–have this program to delete it again. I got this 3 times over the weekend–now, finally gone with this program..nothing else worked.. What a relief….

  173. Hunterdon says:
    June 30th, 2013 at 7:44 pm

    Going in the safe mode (by pressing F8 key at the startup in Windows 7) and using restore, I was able to get my computer working again.

  174. Scott says:
    July 13th, 2013 at 6:32 pm

    I got this screen lock FBI which locked up my Acer C7 Chromebook. It wouldnt let me close out the page so I used my mouse to shut the computer down. Stated it backup with another account had no problem. Signed out of that Identity and used my regular Icon everything was fine. I guess the OS residing on the cloud offered me extra protection.

  175. dragon says:
    July 21st, 2013 at 6:03 am

    so i got the fbi virus pop up. i use pale moon as my web browser. it let me close the pop up and it didnt freeze up? im confused. is the virus on my computer or not? everything is working fine it seems. so whats going on???

  176. Jake says:
    July 23rd, 2013 at 9:01 pm

    I had the FBI virus I was really concerned and scared that I never would get my computer to work again. So I took it down to best buy and I payed the $200 and I never seen it again. it was all worth it.

  177. Chris says:
    August 11th, 2013 at 3:08 pm

    1) Downloaded this —> (Malwarebytes Anti Malware) on a different computer
    2) Saved it on my Flash drive
    3) Restarted my computer into safe mode
    4) Launched the Malwarebytes Anti Malware program
    5) Restarted computer again and the Virus was Removed


  178. VIRUSSLAYER says:
    August 25th, 2013 at 11:20 pm



  179. pavan says:
    August 26th, 2013 at 6:46 am

    Hi. is this a new virus link i got it….please help me

  180. Anouymous says:
    August 30th, 2013 at 10:31 am

    Listen to this Guy! Helped out sooo much! THANK YOU!!!!!!!!!!!!!! But instead of deleting the account and making a new one just make a new one and scan the computer with MalwareBytes Anti-Malware.

  181. Oj says:
    September 28th, 2013 at 12:42 pm

    I am unable to get past the FBI screen and to my desktop in safe mode. is there a workaround?

  182. awesome says:
    November 16th, 2013 at 7:20 pm

    loging off and then cancelling is working so far on windows 7 , hopefully it all comes out.

  183. sujit says:
    December 23rd, 2013 at 7:23 am

    Hey check this fix for FBI virus.

    It helped 1000s.
    will help you too.
    Like, Share, Comment and help your friends also.

  184. nissa says:
    November 12th, 2014 at 6:37 am

    Anyone have easy steps to remove off galaxy in safe mode to delete the program but its not allowing me to uninstall or force stop. Help

  185. Dustin says:
    November 28th, 2014 at 12:00 pm

    I literally had this happen to me about an hour ago. I pulled my sd card, and reset my phone. U have to be quick about resetting it also otherwise you have to pull the battery and try again. When you get to the reset screen keep hitting the reset button. Itll still take you to the “FBI” screen but then will start the reset process.

  186. Dustin says:
    November 28th, 2014 at 12:03 pm

    I had to reset my phone. This happened to me an hour ago.

  187. tyler says:
    December 27th, 2013 at 1:59 am

    hi just want to thank you very much for this info when i saw that website i freaked out knowing that i havent pirated anything.
    I though i was being blamed but to discover it is a scam!!!
    some people are just horrible low down pieces of ****
    so thank you once again

  188. Derrick says:
    March 4th, 2014 at 5:26 pm

    Thank you for the help. My virus quit when I restarted my computer. It said I had a $500 fine.

  189. BigJohnson says:
    April 3rd, 2014 at 3:36 am

    Here is how you prevent this from happening again. If you run your browser Incognito mode files are not saved to your computer. So if the window pops up with the FBI warning, simply hit- cntr alt del and bring up the task manager, then force shut down of browser window. End of problem, restart the browser and reopen incognito window.

  190. Mike Hawk says:
    June 10th, 2014 at 12:28 pm

    How do you get the virus off your cell phone.

  191. Dustin says:
    November 28th, 2014 at 11:57 am

    I literally just had this happen to me. I had to pull the sd card then reset my phone. Hope this helps.

  192. jeff says:
    September 28th, 2014 at 10:30 pm

    I have a Samsung 10.1 notebook infected by the fbi virus, what can I do

  193. blastwave7 says:
    October 29th, 2014 at 2:24 am

    Thanks Romeo. Super simple. Gotta try on XP the same way thru command prompt and remove from parents computer. What we have to do is develop a counter-malware that infects the infector at installation. Were working on that but could always use input. Thanks again.

  194. syed says:
    December 27th, 2014 at 1:21 am

    Please can anyone help me.. My HTC616 is affected with FBI virus and ask me to pay $500. I have restarted my time with and without memorycard. Please give solution or drop me an email at

  195. aaliyah says:
    January 3rd, 2015 at 5:30 am

    thank you the unstalling worked

  196. cc says:
    February 9th, 2015 at 8:36 pm

    How can I get it out of a Kindle

  197. rowdg says:
    April 5th, 2015 at 10:03 pm

    how to unlock rca tabletwth fbi virus on it

  198. ce says:
    July 3rd, 2015 at 12:55 am

    This happend to my android tablet but it didnt log me off what does this mean…plz help im so scared

  199. ce says:
    July 3rd, 2015 at 1:30 am

    If i reset my tablet and do a new account will it go away. Plz reply

  200. william newton Lee says:
    July 30th, 2015 at 1:40 pm

    why would my neibors want to hack my book reader or my posts on line? in douglas arizona

  201. denise says:
    August 4th, 2015 at 8:52 am

    Hi I have a samsung galaxy s6 and an FBI virus scam is on my screen demanding 500$ or they will notify my contacts. I have contacted the FBI and they assured me that this is a scam. However, I am unable to get this off my screen. I am only able to turn off my phone. When it reboots it asks for a code. I dont have that unlock code. And I pray that … thaT is all that is needed to remove this darn thing. PLEASE HELP ME

  202. Look says:
    November 3rd, 2015 at 10:28 pm

    If this happens turnoff your phone and turn it back on. As soon as it opens unlock it go to your administrator drive or your storage whatever you want to call it immediately. There delete the apk. That has a suspicious name as said above.

  203. Adrian says:
    December 31st, 2015 at 8:18 pm

    FBI Whitescreen… Completely locked out while my daughter was on facebook. Already corrupted startup and I cant go into safemode. Is my laptop trash now?

Your opinion regarding FBI virus