FBI VIRUS

What is the FBI Virus?

The FBI virus is a malicious bit of code generally contracted via the internet from pornography websites, underground websites, or even legitimate websites that have been compromised. The virus can also be contracted via an external device such as an external hard drive or USB thumb drive.

The virus will first hijack your internet browser, appearing that you’re unable to close it.

This is an example screen shot of the FBI virus. Unfortunately, the virus has several different variations. As you can see, the virus will display your IP address, threaten criminal suites, and in some cases display your webcam for an extra scare.

Depending on the variation of FBI virus you’ve contracted, there will be different steps involved on how to remove it. I will discuss the most common.

FBI Virus Removal Process

First we need to get your computer into a reasonably safe environment to remove it. Reboot your computer and tap F8 repeatedly until you’re given the follow options.

Your computer should be displaying these options. Choose “Safe mode with networking”. We will need the internet to update our tools. Some variations of the virus will not allow you to boot into Safe mode with networking, and will require you remove it externally or via safe mode with command prompt.

After logging in successfully in safe mode, download ComboFix onto a thumb drive, and insert it into your computer. Follow the prompts given by ComboFix (you may need to update it).

After ComboFix finishes running, it will restart your computer and will have hopefully removed the FBI virus desktop takeover.

We recommend a scan with Malwarebytes and ESET NOD32 after running ComboFix to cleanup any residual infected files. Be sure to update to the latest virus definitions to ensure the programs are scanning for the latest malware threats.