Fake FBI Computer Lock Message

This fake message claiming to be from the FBI (Federal Bureau (of) Investigation) was created by some group of cyber hackers, is easy to fool non-experienced casual computer users, but if you're like me, and you are very experienced in the field of computers, you should know better.

This message is a type of Ransomware virus. It will "Hijack" your computer to perform how the creator(s) programmed it to be in the hopes of scaring you into paying them a certain amount of money.

This particular virus was implemented into a lot of copies of well known software. It is not uncommon for people to get this message. It makes your computer start up a realistic-looking lock message telling you that your computer screen is being monitered. It will also give you multiple fake "offences" you have commited. Some of them might be illegal Gambling, Downloading illegal software/music/movies/art, or downloading other copyrighted material.

On the right hand side, it will tell you that you can unlock your computer and prevent this from happening again by purchasing a money card of 200USD and entering it's code here. Keep in mind, this card is real, and if you enter the code, they WILL get the money, but your computer will still be locked. Now, the difficulty of fixing this varies on your computer. On my Windows XP, I just had to click "Shutdown" in the startup menu, it then said that it is attempting to shut down a program called "DEACON." I clicked the X on the window before it finished. I then had the virused program moved to the vault. I then went to the vault, and I un-installed all programs that were in it.

But this just happened to work on my computer. On some computers, it can be much more difficult to "kill" the virus. But before you go out and pay someone to delete it for you, or buy a new computer, read the steps on how to delete the virus from your system

Step 1: Run your computer in safe mode and then open up Command Prompt.

Step 2: Once in Command Prompt, type in the following:

reg delete hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f

and press enter

Step 2: Type in the following:

reg delete hklm\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f

and press enter

Step 3: Run regedit.exe You can either use Command Prompt to go to it, or use Run to.

Step 4: Remove NoDesktop from the tab HKCU>Policies>Explorer

Step 5: Remove DisableTaskMgr from the tab HKCU>Policies>System

Step 6: Remove HideIcons from the tab HKCU>Explorer>Advanced

Step 7: Set Explorer.exe as shell in HKLM>Winlogin

Step 8: Remove shell from HKCU>Winlogin

Step 9: Find the perimeter with the odd name in HKCU>Installed Components, copy it, and search for it in HKLM>Installed Components. Remove the perimeter in both HKCU and HKLM.

Step 10: Restart your computer

If you do not have the time to do this, you can download this Automated Ransomware Remover