malaware has locked my computer. what can I do ?

  bigdavey 08:45 AM 11 Jan 13
Locked

My computer won't boot up I get a screen saying I have done all sorts of illegal stuff and I have to pay a fine, I have tried holding f8 and gone into the reboot in safe mode, but this virus has hijacked the safe boot as well so it kicks back into normal startup halfway through the safe boot!!

I am totally stuck for ideas, i don't have restore disks, I am running XP. If there is a way to wipe the system back to factory settings or if I can download some boot disk or usb boot drive that would help I don't care if i lose data.

thanks guys

  HondaMan 08:53 AM 11 Jan 13

Probably shows something which purports to come from Metropolitan Police.

Search in this site fort "Trojan Killer"

  bigdavey 08:57 AM 11 Jan 13

yes its pretending to be from the police it would never fool anyone. I have looked at virus removal stuff but I can't acess the pc at all, I need some way to just reset it to factory, or to get it into safe mode maybe booting from a disk or a usb drive....

  Chronos the 2nd 09:01 AM 11 Jan 13

Have a look here. Or here.

  onthelimit1 09:45 AM 11 Jan 13

I had this virus - the version I had would not let me start in safe mode, but a bootable kaspersky rescue disc found and got rid of the nasty. You should not have to do a factory reset.

  Secret-Squirrel 09:48 AM 11 Jan 13

"or if I can download some boot disk or usb boot drive that would help"

Because you're unable to access Safe Mode your options are somewhat limited. Don't worry too much just yet as you'll probably be able to remove the infection by starting the PC with the Kaspersky Rescue Disk - see here for full details.

  SillBill 09:50 AM 11 Jan 13

on the limit1

I also used Kaspersky Rescue Disc 10 then Malwarebytes found the remains and quarantined the nasty.

  bigdavey 15:01 PM 11 Jan 13

I have done what you say, used the kaspersky disk, but I still have this problem. maybe i am doing something wrong, with the disk, i did a scan all sectors and it found some trojans and i think it quaranteened them, but I still cant get it to boot up to the desktop I still get that screen "your computer is locked"

I am happy to do a restore to factory if there is a way, I use this mostly for email and facebook and theress no data that is important on there. Thanks so far, i thought I'd got it fixed!!

  Fruit Bat /\0/\ 15:27 PM 11 Jan 13

Do you have a XP Pro CD?

Restore XP

Boot to the command prompt and type:

%systemroot%\system32\restore\rstrui.exe

Press Enter and follow the on-screen prompts to restore to an earlier date/time

if will not boot to command prompt then:

Restore from recovery console http://www.myfixes.com/articles/system

boot from the XP CD. Start Windows Setup and press R to access the recovery console. Select your Windows installation, then type the administrator password – press Enter if there isn't one. Now enter the following commands:

CD C:\ CD "system volume information_resto~1" DIR

You'll see a list of restore point folders with names such as RP1, RP2 and so on. Pick the restore point you wish to use, using the folder date stamps to guide you. Enter the commands:

CD RPx (the restore point you chose) CD SNAPSHOT

This takes you into the folder containing the restore point snapshot files. Copy the Registry backups so that they overwrite the existing Registry files.

COPY Registrymachine_system C:\Windows\System32\Config\System COPY Registrymachine_software C:\Windows\System32\Config\Software COPY Registrymachine_sam C:\Windows\System32\Config\Sam COPY Registrymachine_security C:\Windows\System32\Config\Security COPY Registryuser_.default C:\Windows\System32\Config\Default

Type the command exit to close the Recovery Console and restart the PC.

You should now be able to boot normally scan the machine using Malwarebytes and Hitman pro

Follow Step 2 from here to see how to use malwarebtes and hitman pro

  onthelimit1 15:35 PM 11 Jan 13

Have you tried Chronus's second link?

  bigdavey 15:38 PM 11 Jan 13

I'm afraid I don't have the disks, its a pre installed version xp home edition :(

Advertisement

This thread is now locked and can not be replied to.

Should I upgrade to Windows 10? Windows 10 is now available, so do you have to upgrade? 8 reasons…

Why Vodafone’s frequency choice should interest you: The benefits of 800MHz

Digital visionaries discuss Designing the Future

OS X Yosemite vs Windows 10: The Mac and PC operating systems go head to head UPDATED