Hi, I'll be happy to help with this issue
firstly to reassure you, yes - this is a scam
and there are several variants of similar scams doing the rounds
what we will need to do is to try and boot into your account using Safe Mode with Networking
and from there, download, install and run Malwarebytes
I thought so. Do I have any options that you know of other than wiping my hard drive, to remove their program that is denying me access to my computer?
are you on a different computer right now?
NO, I'm on the same computer, but don't have admin privileges. I have Malwarebytes already installed and have run it. It isn't showing any malicious activity.
thanks - is that with a full Malwarebytes scan?
yes it was
ok - we will need to reboot and login to your account via Safe Mode
and then delete some files from there
I can list the files/instructions here and then you can give that a try?
If I reboot in safe mode, will I have admin privileges? Sorry, I'm not very computer literate, but I know that I set up the admin acct. so the kids wouldn't be able to access certain programs, etc.
Yes, you'll have admin privileges
and able to run explorer etc
If you can list them, that'd be great.
ok - I'll start listing them below
1. Restart the computer and tap F8 to display the Windows boot menu
2. Choose Safe Mode
3. Login with your normal user account
4. Open Windows Start Menu and type %appdata% into the search field and press Enter.
5. Navigate to: Microsoft\Windows\Start Menu\Programs\Startup
6. Remove ctfmon
7. Open Windows Start Menu and type %userprofile% into the search field and press enter.
8. Navigate to: Appdata\Local\Temp
9. Remove rool0_pk.exe
10. Remove [random].mof file
11. Remove V.class
Just in case:
The virus files may have names other than “rool0_pk.exe” but file names should appear similar with the same style of markup. There may also be 2 files, 1 being a .mof file. Removing the .exe file will fix FBI Moneypak. The class file uses a Java vulnerability to install the virus and removal of V.class is done for safe measure.
If for some reason any files or folders aren't visible
you may need to choose the option to display hidden folders
Once those steps have been followed, then the virus should be removed and restarting the machine should let you access the account again normally
Thanks for your help. I'll be sure to give you excellent feedback. Thanks again, my wife and I were both freaking out over this.
no problem - happy to help
Awesome service, thanks again