07-02-2012 08:09 PM - last edited on 07-02-2012 08:47 PM by shannons
I also have this problem. It's quite annoying. Can you please help? It looks exactly like that screenshot. I've run Power Eraser but it didn't find anything.
[edit: Clarified subject.]
07-02-2012 08:13 PM
What is your installed security software?
Quads
07-02-2012 09:39 PM
At the moment it is the free version of AVG but I ordered Norton Anti-Virus and it should come by mail on July 3rd.
07-02-2012 09:48 PM
This is the Norton products forum and you have AVG installed,
so I will not be removing it. AVG has their own forum for their products.
Quads
07-02-2012 10:41 PM - edited 07-02-2012 10:43 PM
It's on there temporarily because my one-year subscription of Norton ran out and I had to get a new copy. I will be uninstalling it and using Norton Anti-Virus.
07-02-2012 11:13 PM
Because users can say that (no offence) but logs don't show Norton or Symantec, I can't do it.
The other one I had recently, actually, I did most of the work until I figured out it was an illegal / cracked version.
For users reading this forum from wherever: to break the FBI ransomware, find an entry that looks similar to this (due to system setups and user accounts, the full path differs).
Find
StartupFolder: [PATH].programs\startup\ctfmon.lnk - c:\windows\system32\rundll32.exe pointing to [Path]\Temp\wpbt0.dll,FQ10 (or FQ11)
Take that entry and the Ransom should be broken so that on a restart it doesn't load; you still have to clean up the rest.
Quads
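An added example, not part of any post in this thread and not code from Norton, FRST or OTL: a small Python check that scans a text log for the pattern described above, a Startup-folder shortcut whose target is rundll32.exe loading a DLL from a Temp directory. The sample log lines, user names and full paths are constructed for illustration, and the `StartupFolder:` line layout is assumed from the entry quoted in the post.

```python
import re

# Constructed sample lines, shaped like the "StartupFolder:" entry quoted above.
# User names and full paths are made up for illustration.
SAMPLE_LOG = r"""
StartupFolder: C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk - c:\windows\system32\rundll32.exe C:\Users\alice\AppData\Local\Temp\wpbt0.dll,FQ10
StartupFolder: C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\panel.lnk - C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,Control_RunDLL
"""

# "StartupFolder: <shortcut>.lnk - <command line the shortcut launches>"
ENTRY = re.compile(r"^StartupFolder:\s*(?P<lnk>.+?\.lnk)\s+-\s+(?P<cmd>.+)$", re.I)
# rundll32 command line: <path>\rundll32.exe <dll path>,<export>
RUNDLL = re.compile(
    r'^"?(?P<exe>[^"]*?\\rundll32(?:\.exe)?)"?\s+"?(?P<dll>[^",]+?\.dll)"?\s*,\s*(?P<export>\S+)',
    re.I,
)
TEMP_DIR = re.compile(r"\\te?mp\\", re.I)


def suspicious_startup_entries(log_text):
    """Return Startup-folder shortcuts that run a DLL from a Temp directory via rundll32."""
    findings = []
    for line in log_text.splitlines():
        entry = ENTRY.match(line.strip())
        if not entry:
            continue
        cmd = RUNDLL.match(entry.group("cmd"))
        if not cmd or not TEMP_DIR.search(cmd.group("dll")):
            continue  # not rundll32, or the DLL is not under a Temp directory
        findings.append({
            "shortcut": entry.group("lnk").rsplit("\\", 1)[-1],
            "dll": cmd.group("dll"),
            "export": cmd.group("export"),
        })
    return findings


if __name__ == "__main__":
    for f in suspicious_startup_entries(SAMPLE_LOG):
        print("review: {shortcut} -> {dll} (export {export})".format(**f))
```

Only the first sample line is reported; the rundll32 entry that loads a DLL from System32 and the ordinary program shortcut are left alone.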
07-07-2012 08:08 AM
Ok, I found the ctfmon file as a shortcut in the startup folder. Now what? Do I delete it to the recycle bin?
07-09-2012 05:56 AM
Thanks for the info.
Once we get the file removed to stop the Ransom from restarting, what else needs to be cleaned up?
Thanks
08-10-2012 04:34 AM
OK, so my dumb question is: why can a computer get this kind of crap on it if I had a fully paid-for, licensed, installed and updated version of Norton on it?
And what else do I need to remove to get rid of this thing?
John
08-10-2012 08:11 PM
FRST can be used to break it, so it won't run on the next Windows load.
OTL can break it after having it break it in Safe Mode.
Quads
