Jump to content
Login new information ×
Login new information

FBI Cybercrime Division Virus

Knightmare

By Knightmare
in Software Chat

 Share

Recommended Posts

Knightmare

Knightmare

Posted
Posted

My friend's computer was infected with this virus. They are running Windows 8 and they were on a site that doesn't even sound real. Anyway, I ran my typical scans to remove the infection, but the scans do not detect any infected files. The weirdest part is that the virus is affecting the IE app on the start menu only. If I access IE from the desktop, it works fine. Is there a way to uninstall and reinstall the IE app? I tried looking online but had no luck in finding a solution.

fbi-cybercrime-division-virus_1.png

Link to comment
Share on other sites
  • Replies 8
  • Views 1.6k
  • Created
  • Last Reply

Top Posters In This Topic

  • Knightmare

    3

  • mike.mt

    2

  • SnakeMasteR

    1

  • jackieo

    1

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

cruelsister
cruelsister

These ransomware trojans basically act in the same way. When the initial file is run, it will spawn off a payload which causes the system freeze usually in the directory Users/(whatever the computer n

locolol

locolol

Posted
Posted

A few weeks ago I removed a variation of it booting with Hiren's Boot CD (Mini XP) and then using:

RogueKiller

Rkill

AdwCleaner

Junkware Removal Tool

(Before that i tried to use the Hitman-Kickstart method but no luck)

Hope it helps -_-

Link to comment
Share on other sites
cruelsister

cruelsister

Posted
Posted (edited)

These ransomware trojans basically act in the same way. When the initial file is run, it will spawn off a payload which causes the system freeze usually in the directory Users/(whatever the computer name is)/App data/Roaming. You will see either an exe or a dat file there. Sometimes it may be in Users/(whatever the computer name is)/App data/Roaming/Microsoft.

The problem is that most of these things will also start up in Safe Mode, so no help there. The best way to manually remove it would be to start the computer in Safe Mode with Command Prompt (this will work in ~98% of the cases). So boot into this (safe mode with CP) and at the command prompt window type explorer . You will then see the desktop show up beneath the Command Prompt Window. Now close the CP windows and get into whatever file manager is on the system (windows explorer will do). Go into the directory I listed above and look for the file in Roaming and delete it. Remember that in the root Roaming directory there should be NO exe OR dat files hanging out. If you see one, there is the issue. These things are actually really easy to manually fix with the steps above. Shouldn't take more than a minute t do it.

When things are cleaned up and you can boot into Windows download and install Malwarebytes. Run it to clean any registry entries that point to the file you previously deleted.

Finally, note the link to Malwaretips given above. Lots of smart folks there just waiting to help out.

Edited by cruelsister
Link to comment
Share on other sites
mike.mt

mike.mt

Posted
Posted

My friend's computer was infected with this virus. They are running Windows 8 and they were on a site that doesn't even sound real. Anyway, I ran my typical scans to remove the infection, but the scans do not detect any infected files. The weirdest part is that the virus is affecting the IE app on the start menu only. If I access IE from the desktop, it works fine. Is there a way to uninstall and reinstall the IE app? I tried looking online but had no luck in finding a solution.

@Knightmare..If I'm reading this correctly the Win8 Start Menu Tiles Internet Explorer link has become corrupted by the nasty....I take this is so as from your post you are able to install & scan with A/V , Anti-malware apps, open Windows Explorer etc..

If after running with latest defs of Malwarebytes & other good removal solutions that members above have suggested... All is OK...

You will probably have to manually edit & reset the corrupted link..... I am unaware of an auto fix for this..... If there is one, maybe another member can point you in the right direction??

Hoping you get a speedy result!!

Link to comment
Share on other sites
jackieo

jackieo

Posted
Posted (edited)

MoneyPak

E6qXvzT.png

here ya go, :) try this

Fake FBI MoneyPak scam

If that doesn't work maybe try this...

How to use Trend Micro AntiRansomware Tool
http://esupport.trendmicro.com/soluti...

Download AntiRansomware Tool
http://esupport.trendmicro.com/media/...

Britec Homepage
http://www.briteccomputers.co.uk

Edited by jackieo
Link to comment
Share on other sites
Knightmare

Knightmare

Posted
  • Author
Posted

My friend's computer was infected with this virus. They are running Windows 8 and they were on a site that doesn't even sound real. Anyway, I ran my typical scans to remove the infection, but the scans do not detect any infected files. The weirdest part is that the virus is affecting the IE app on the start menu only. If I access IE from the desktop, it works fine. Is there a way to uninstall and reinstall the IE app? I tried looking online but had no luck in finding a solution.

@Knightmare..If I'm reading this correctly the Win8 Start Menu Tiles Internet Explorer link has become corrupted by the nasty....I take this is so as from your post you are able to install & scan with A/V , Anti-malware apps, open Windows Explorer etc..

If after running with latest defs of Malwarebytes & other good removal solutions that members above have suggested... All is OK...

You will probably have to manually edit & reset the corrupted link..... I am unaware of an auto fix for this..... If there is one, maybe another member can point you in the right direction??

Hoping you get a speedy result!!

How do I manually edit and reset the link? I've tried to remove and pin it again, but that didn't work.

Link to comment
Share on other sites
mike.mt

mike.mt

Posted
Posted

My friend's computer was infected with this virus. They are running Windows 8 and they were on a site that doesn't even sound real. Anyway, I ran my typical scans to remove the infection, but the scans do not detect any infected files. The weirdest part is that the virus is affecting the IE app on the start menu only. If I access IE from the desktop, it works fine. Is there a way to uninstall and reinstall the IE app? I tried looking online but had no luck in finding a solution.

@Knightmare..If I'm reading this correctly the Win8 Start Menu Tiles Internet Explorer link has become corrupted by the nasty....I take this is so as from your post you are able to install & scan with A/V , Anti-malware apps, open Windows Explorer etc..

If after running with latest defs of Malwarebytes & other good removal solutions that members above have suggested... All is OK...

You will probably have to manually edit & reset the corrupted link..... I am unaware of an auto fix for this..... If there is one, maybe another member can point you in the right direction??

Hoping you get a speedy result!!

How do I manually edit and reset the link? I've tried to remove and pin it again, but that didn't work.

Check that IE is set to be default browser, otherwise according to posts elsewhere the tile will not work...

To reset Win 8.* start screen to default tiles:-

http://www.howtogeek.com/178667/how-to-reset-the-windows-8.x-start-screen-to-the-default-tiles/

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...