Share via

FBI Virus; How to

Anonymous
2012-12-08T14:04:27+00:00

friend has fbi virus. i know files to delete, but can't get to command prompt

Windows for home | Other | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

Answer accepted by question author

  1. Anonymous
    2012-12-09T12:44:40+00:00

    See this :

    http://123seminarsonly.com/Blog/how-to-remove-fbi-moneypak-virus

    To remove this infection you need to start the computer in safe mode.

    After that Delete the FBI MoneyPack Virus Files

    Windows Vista/ 7

    C:\Users{User Profile}\AppData\Local\Microsoft\Windows[Random]\ [Random.exe]

    C:\Users{User Profile}\AppData\Local\Microsoft\Windows\ [Random]

    C:\Program Data\lsass.exe

    C:\Program Data[Random.exe]

    C:\Program Data\csrss.exe

    C:\Users{Your User Name}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.exe

    Windows Xp

    C:\Documents and Settings\ {User Profile} \Local Settings\Application Data\Microsoft\Windows[Random.exe]

    C:\Documents and Settings\ {User Profile} \Local Settings\Application Data\Microsoft\Windows[Random]

    C:\Documents and Settings{Your User Name}\Start Menu\Programs\Startup\ctfmon.exe

    C:\Windows[Random.exe](eg. Pmfjyiaj.exe)

    MORE IMPORTANT THING DON'T FORGOT TO DELETE ALL THE TEMP FILES ON THE COMPUTER.

    In order to avoid all this type infections from the internet please remove the temporary files from the computer daily. 

    Please use the following method to remove those temporary files.

    1.      Press “Windows” and “R” keys simultaneously on your keyboard.

    1. In the text box in the Run window, type %Temp% and click OK. A folder full of files and other folders will appear.

    All of the folders and files you see in this Temp folder are no longer being used by Windows and can safely be deleted.

    1. To remove individual folders or files, hold down your Ctrl key while left-clicking on each item you want delete. Release the Ctrl key when you're finished.

    To delete these items, hit your Delete key or choose File and then Delete from the menu.

    1. Confirm that you want to delete the files by clicking Yes on the Confirm Multiple File Delete window that opens.
    2. If you'd instead like to remove everything inside the Temp folder, choose Edit and then Select All from the menu.

    Note: If you're prompted that there are hidden files in this folder, just click on OK to bypass the message. A few hidden files hanging out in the Temp folder probably aren't important enough to worry about.

    1. Now that all of the files and folders are selected, hit your Delete key or choose File and then Delete from the menu.
    2. Confirm that you want to delete the files by clicking Yes on the Confirm Multiple File Delete window that opens.
    3. After all of the files have been deleted you can close the window and empty your Recycle Bin, permanently removing the files from your PC.

    Tips:

    1. You may receive a Error Deleting File or Folder message while the files are being deleted. This just means that one of the files is in use by a program right now. Click OK, close all open programs, and repeat the steps above. If you still receive the message, try restarting your PC and repeating the process again.

    Find the step by step removal instructions here.....

    http://malwaretips.com/blogs/remove-fbi-alert-moneypak-virus/

    http://123seminarsonly.com/Blog/how-to-remove-fbi-moneypak-virus

    1 person found this answer helpful.
    0 comments

Answer accepted by question author

  1. Anonymous
    2012-12-08T15:11:29+00:00

    friend has fbi virus. i know files to delete, but can't get to command prompt

    http://ask-leo.com/how\_do\_i\_remove\_a\_virus\_if\_it\_prevents\_me\_from\_download\_or\_installing\_anything.html

    Sometimes this works if you can get into Safemode....you can't get in there thru Sys Config Utility either?

    Try going into Safe Mode, download/install/run Malwarebytes Free:

    Go to www.malwarebytes.org and download, install, update and run the free version – just follow the prompts.  Select Download Free – at the end of the installation is a dialog with 3 check boxes:  The first option is to Enable Free Trial of Malwarebytes Pro and you must uncheck the first option to install the free version without real time protection enabled.   You may need to rename the installation file to 123.exe or something similar to prevent the malware from disabling/blocking the installation.  Or you might want to download the installation file to a flash drive or CD and then install Malwarebytes on the infected computer.

    And/Or

    One of the Answers Forum users maintains an excellent guide on computer security matters to include removal of this “ransomware.”  See the following compliments of  Brian M- for suggestions on how to resolve your problem: http://www.selectrealsecurity.com/remove-ransomware/  Brian includes a discussion about the new Hitman Pro procedure to combat such infections using http://www.surfright.nl/en/kickstart which is also available as a trial download.

    And/Or

    See: http://malwaretips.com/blogs/remove-fbi-alert-moneypak-virus/

    Hope this helps...

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest