Aim: get easy money
Target: enterprises and individuals
Attribute: Ransomware
Hazard index:
The FBI Online Agent Android virus belongs to the family we call the ‘MoneyPak virus’, which includes the FBI virus, the Department of Justice virus, the United States Cyber Security virus and the Firewall of the United States. The ‘FBI Online Agent Has Blocked Your Computer/Android Phone for Security Reason’ warning message demands a $200 MoneyPak payment, to be put on the state’s account, as a ransom for actions violating laws on copyrighted material, and claims that payment will unblock the locked screen in 1 to 48 hours.
The ‘FBI Online Agent Has Blocked Your Computer/Android Phone for Security Reason’ message is totally fraudulent, even though it lists several Articles and detected files that it claims are copyrighted material improperly downloaded or viewed, and shows details such as an address, a responsible agent and emails. Please bear in mind that no State department collects a ransom in such an informal way, by suddenly locking down the whole screen. Once the demanded amount of money is submitted, there is little chance that the hacker will help unblock the fake ‘FBI Online Agent Has Blocked Your Computer/Android Phone for Security Reason’ message.
Just like Ukash, MoneyPak, also known as Green Dot MoneyPak, is a prepaid card that is widely considered a convenient way to complete a purchase without a bank card or credit card, mainly in the U.S.A. Its functions include reloading a prepaid card, adding money to PayPal, making a payment, adding funds to Serve and depositing cash. Because of its convenience, many reputable financial services, such as PayPal and MetroPCS, cooperate with it, and it has become the most competitive prepaid card against Ukash.
The MoneyPak payment method can be deemed a secure payment. However, more and more fake police Android viruses use it to make themselves more convincing and to make sure that real money is transferred into their pockets. Without strict regulation of online accounts, it is quite difficult for the police to trace the real hacker behind the ransomware. For this reason, ‘FBI Online Agent Has Blocked Your Computer/Android Phone for Security Reason’ employs the MoneyPak payment method.
By virtue of its Trojan component, the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ virus is capable of overwriting the original malicious file after encrypting the original code into another folder placed in an area protected by Windows. Hence, anti-virus programs are not able to remove the FBI Online Agent virus even after deleting all detected items, because the detected items are fake ones. Another worrisome characteristic of the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ virus is its ability to form a backdoor. After injecting its registry entries into the system's registry database, the FBI Online Agent virus manipulates the configuration to open a hole that other dangerous malware can easily exploit, with irritating consequences: search results are frequently hijacked or redirected, browsing is ruined by incessant pop-up ads, the computer runs sluggishly, and so on. On top of that, the hole is used to transmit malicious code that further corrupts the target computer in order to threaten victims into handing over money quickly:
The removal procedure can be cumbersome, since the FBI Online Agent virus manages to disable built-in services by arbitrarily modifying the kernel part of a machine. Even so, this solution stands a better chance of restoring a functional computer than paying a large sum of money. Unfreeze the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ message by strictly following the steps below.
One: Enter ‘Safe Mode with Networking’ to see if it is available; if so, remove the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ virus there.
1. Click “Start”.
2. Type ‘regedit’ in the Run box and press the Enter key.
3. Press Ctrl+F and search for Winlogon.
4. Find the entry labeled Shell in the right pane.
5. Right-click on it and replace its value with ‘explorer.exe’ to help remove the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ virus.
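The same Winlogon Shell check can be scripted, which also records the unexpected value (it names the file to investigate) before it is reset. This is an added example, not part of the original guide; it goes beyond the manual steps by also checking the per-user hive, and it assumes a per-user Shell override is unwanted.

```powershell
# Added example (not from the original page): audit the Winlogon "Shell" value.
# Run from an elevated PowerShell prompt; pass -Fix to restore the default.
param([switch]$Fix)

$Expected = 'explorer.exe'   # value the guide restores in step 5
$SubKey   = 'Software\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-WinlogonShell {
    param([ValidateSet('HKLM', 'HKCU')][string]$Hive)

    $path  = "${Hive}:\$SubKey"
    $prop  = Get-ItemProperty -Path $path -Name Shell -ErrorAction SilentlyContinue
    $shell = $null
    if ($prop) { $shell = $prop.Shell }

    # HKLM must hold explorer.exe; HKCU normally has no Shell value at all.
    $ok = ($shell -eq $Expected)
    if ($Hive -eq 'HKCU' -and $null -eq $shell) { $ok = $true }

    [pscustomobject]@{ Hive = $Hive; Path = $path; Shell = $shell; Ok = $ok }
}

$report = 'HKLM', 'HKCU' | ForEach-Object { Get-WinlogonShell -Hive $_ }
$report | Format-Table Hive, Shell, Ok -AutoSize

foreach ($entry in $report | Where-Object { -not $_.Ok }) {
    # Keep a record of the replaced shell: it points at the file to examine.
    Write-Warning "Unexpected shell in $($entry.Path): '$($entry.Shell)'"
    if (-not $Fix) { continue }

    if ($entry.Hive -eq 'HKLM') {
        Set-ItemProperty -Path $entry.Path -Name Shell -Value $Expected
    } else {
        # Assumption: a per-user override is not wanted, so delete it.
        Remove-ItemProperty -Path $entry.Path -Name Shell
    }
    Write-Output "Restored default shell in $($entry.Hive)"
}
```

Without `-Fix` the script only reports, so it can be run first to capture the current state.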
Two: Enter ‘Safe Mode with Command Prompt’ if ‘Safe Mode with Networking’ is unavailable.
I. Enter Safe Mode with Command Prompt.
at the right bottom together.
Create a new user account with administrator rights.
Three: All forms of Safe Mode are unusable.
1. Put the Windows 7 CD in your optical drive.
2. Restart to boot from the DVD.
3. On the “Install Windows” screen, select the appropriate language, time and keyboard before clicking the “Next” button.
4. Click “Repair Your Computer” on the next screen.
5. When led to the “System Recovery Options” screen, select the operating system you want to restore, if any is listed, and click “Next”.
6. Select “Startup Repair” when the “System Recovery Options” screen shows up.
Click on Startup Repair and let the wizard finish.
It is perfectly normal that the computer restarts after it finishes the process.
Many people would like to know how to prevent the FBI Online Agent virus. Before that, we need to know how the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ virus spreads. Now that computers are connected by the Internet, the network has become the main channel for virus invasion and propagation. Any vulnerability in web applications makes infection with the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ virus more likely. The second most popular way for such ransomware to plague PC users is to trick them into downloading Flash Player/ Adobe by popping up a fake message that looks exactly like the genuine one. There are also other ways for the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ virus to get into a computer:
(1) links sent through instant messages that point to poisoned sites or to fraudulent sites offering download services;
(2) luring but malicious links in emails made up by hackers, which download virus code as soon as they are clicked;
(3) streaming videos, especially ones containing pornographic content, from either reliable or unreliable sources.
Therefore, we can take some steps accordingly to prevent getting the ‘FBI Online Agent Has Blocked Your Computer for Security Reason’ virus:
Download up-to-date patches for installed browsers/ programs/ Windows and install them.
Do not open any attachments in an email sent by strangers.
Do not casually accept or run files/ documents sent through chat tools.
Do not visit unknown foreign web sites, especially ones containing pornographic content or offering video downloads.
Besides, we should also raise the level of security by:
activating Windows Firewall or a firewall provided by another reputable anti-virus program.
employing an IDS (Intrusion Detection System) to analyze information collected from computer networks or computing systems, to help detect any action that violates security policy and any sign of an attack.
utilizing a Web Monitor to gain a real-time understanding of the online environment, making it possible to stay away from malicious sites before getting a virus.
updating virus signatures on a regular basis.
blocking connections to malicious web sites at the gateway.
Conclusion:
Ransomware, including the ‘FBI Online Agent Has Blocked Your Computer/Android Phone for Security Reason’ virus, has become one of the most severe problems in western countries. The occurrence of ransomware is on the rise. What makes the situation even worse is that the encryption algorithms ransomware uses are getting more complicated and harder to break, reaching the limits of modern cryptography. As a consequence, PC and Android users manage to remove the ransomware without getting their encrypted files back. Because of this, some PC and Android users are willing to pay the amount fixed in the fraudulent message. As far as we have learned, no more than 1% of the PC users who paid the non-existent fine got their encrypted documents back. For this reason, it is highly recommended to back up cherished documents routinely.