*Please note this may be difficult for some users and there are other options to scan your hard drive during complications.This is a common practice for local computer technicians.If your computer is infected with the FBI virus it may become locked and a full-screen window may appear that claims to contain a message from the FBI. Download and Install CCleaner by Piriform to cleanup junk files, repair your registry, and manage settings that may have been changed. When the scan is complete click the Fix selected issues… Please note the infection will have a random name for the process [random] which may contain a sequence of numbers and letters (ie: USYHEY347H372.exe).The fake FBI message usually claims that the computer was used illegally and in order to avoid jail-time or other consequences the computer owner must pay a fine via Greendot Money Pak cards, UKash Vouchers, REloadit, Ultimate Gaming Cards, Bitcoins, Pay Pal, or other online payment or credit sources. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Current Version\Run\[random]HKEY_LOCAL_MACHINE\SOFTWARE\FBI Moneypak Virus HKEY_CURRENT_USER \Software\Microsoft\Windows\Current Version\Policies\System ‘Disable Registry Tools’ = 0 HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\Current Version\policies\system ‘Enable LUA’ = 0 HKEY_CURRENT_USER \Software\Microsoft\Windows\Current Version\Internet Settings ‘Warn On HTTPSTo HTTPRedirect’ = 0 HKEY_CURRENT_USER \Software\Microsoft\Windows\Current Version\Policies\System ‘Disable Regedit’= 0 HKEY_CURRENT_USER\Software\FBI Moneypak Virus HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run ‘Inspector’ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Uninstall\FBI Moneypak Virus HKEY_CURRENT_USER \Software\Microsoft\Windows\Current Version\Policies\System ‘Disable Task Mgr’ = 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options\HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run\Inspector %App Data%\Protector-[rnd]HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Internet Settings\Warn On HTTPSTo HTTPRedirect 0 HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Settings\ID 4 HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Settings\UID [rnd] HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Settings\net [date of installation] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\policies\system\Consent Prompt Behavior Admin 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\policies\system\Consent Prompt Behavior User 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\policies\system\Enable LUA 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options\AAWTray.exe\Debugger HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options\AVCare.exe\Debugger HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options\AVENGINE.Even if you dont ask me I'll still tell you it was an extremely solid way to kick off 2015.
All these arab wife's are waiting for you, they want to show off how hot they actually are. Now, move on to the next steps (which is not a necessity if you removed the file above but provides separate options for troubleshooting). If you still can’t access the Internet after restarting in safe mode, try resetting your Internet Explorer proxy settings. It is now recommended to download Malwarebytes (free or paid version) and run a full system scan to remove FBI Moneypak malware from your computer if you do not have this application on your system.These 2 separate options and following steps will reset the proxy settings in the Windows registry so that you can access the Internet again. Click Lan Settings button and uncheck the checkbox labeled Use a proxy server for your LAN. “You may need an old school keyboard (not the USB, but the PC connector type) since the virus delays the USB startup. This virus is somehow complex, but is no match for Windows Defender.After the scan is complete, run again a full scan without a restart.” If you are having complications with Anti-Malware software a suggestion would be to slave your HDD, then proceed to scan.You will need a second operating computer and tools to remove your hard drive.
The FBI virus is still around but a lot has changed.