This locked up my PC and I have to manually turn it off and start it back up without internet connection to keep it from locking up again. As soon as I connect the internet cable to locks up again. When it locks up it has a full-screen information display, the task manager and registry editor are disabled and the system hot keys are disabled to avoid the termination. The full screen has FBI at the top and a lot of descriptions that basically say you did someone the FBI does not like and you need to pay $100 to unlock your computer.
I did a full system scan but, even though there were a few thinks it deleted and then scan pre-Windows with some more deletions, once Windows restarted and I reconnected the internet cable the PC locked up again.
In doing some Google seraches I found this appears to be called FBI Randsomware or the FBI MoneyPak virus. How do I remove this?
[*]Select All Users
[*]Under the Custom Scan box paste this in netsvcs
%SYSTEMDRIVE%*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
CREATERESTOREPOINT
[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Attach both logs