AmaxB
Well-Known Member
If you have encountered this ransom infection, cleaned the victim and are greeted with a Black Screen & CMD window upon rebooting, open the Task Manager (Ctrl, Alt, & Delete keys pressed at the same time will bring it up). Under the File tab select New Task, type explorer.exe and hit Enter, and the desktop will come up. Or, in the CMD window, type explorer.exe & press Enter, then type exit & press Enter (close the CMD window).
This is not the fix; it just brings up the desktop...
The virus(es) is/are gone if cleaned correctly and the machine is no longer sick, but the virus has changed a value in the registry. So you can stop the malware scans, you'll not find the problem; you must correct the Winlogon value.
Open regedit from Run. In the editor, under
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
look to see if Shell is set to "CMD.exe"; if so, change it to "explorer.exe".
The malware infected the Winlogon shell for your user profile only (not administrator or other users). If other user accounts have the black screen on startup, then have a look at HKEY_LOCAL_MACHINE.
Smiles to Ya
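
The registry check described in the post above, as an added PowerShell example that is not part of the original post. It reports the Winlogon Shell value for the current user, for the machine, and for any other user hives loaded under HKEY_USERS; the `-Fix` switch is a hypothetical parameter of this script that resets a changed value to explorer.exe as the post describes.

```powershell
# Added example: audit the Winlogon "Shell" value the post describes.
# Run it in the affected user's session; writing to HKLM needs an elevated prompt.
param([switch]$Fix)   # hypothetical switch: without it the script only reports

$subKey   = 'Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
$expected = 'explorer.exe'

# HKCU = the current user's profile, HKLM = machine-wide (all users)
$targets = @("HKCU:\$subKey", "HKLM:\$subKey")

# Also check every other user hive currently loaded under HKEY_USERS
# (the SID pattern skips service accounts and the *_Classes hives)
$targets += Get-ChildItem 'Registry::HKEY_USERS' |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
    ForEach-Object { "Registry::HKEY_USERS\$($_.PSChildName)\$subKey" }

foreach ($path in $targets) {
    if (-not (Test-Path $path)) { continue }
    $shell = (Get-ItemProperty -Path $path -Name Shell -ErrorAction SilentlyContinue).Shell

    if ($null -eq $shell) {
        # No Shell value stored under this key
        Write-Output "[absent ] $path"
    }
    elseif ($shell.Trim() -ieq $expected) {
        Write-Output "[ok     ] $path -> $shell"
    }
    else {
        # Anything else (for example cmd.exe) is what produces the black screen + CMD window
        Write-Output "[CHANGED] $path -> $shell"
        if ($Fix) {
            Set-ItemProperty -Path $path -Name Shell -Value $expected
            Write-Output "          reset to $expected"
        }
    }
}
```

The current user's hive appears twice in the output (once as HKCU and once under its SID in HKEY_USERS); both lines refer to the same key.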