It's free to register, to post a question or to start / join a discussion
Tried to remove UK Police Ransomware and Vista not working - help!
Likes # 0
Posted May 13, 2013 at 10:23AM
My wife recently had her laptop (running Vista) infected with the UK Police Ransomware which was locking everything out. After some searching we came across the HitManPro malware removal app. We created a USB bootable of this and successfully ran a scan on the laptop, and it requested it delete the file 77cbc18d.exe which it advised was "suspicious". Many other methods had failed to get this far so it looked like a major success! However, now when we boot up the laptop it goes into Vista as far as asking for the user password, then comes up with the DOS command screen containing the following error message:
77cbc18d.exe is not recognized as an internal or external command, operable program or batch file.
I've tried the DOS Shutdown command, rebooted, etc but it continues to boot up into this same DOS window, and will not go into Windows at all.
Our problems are therefore: 1) Was removal of this file actually successful in removing the virus? 2) How can we fix the above DOS error message and successfully boot the PC into its normal Vista environment.
Many thanks for any help, tips or advice. We're relatively PC literate but not fantastic techies sorry.
Likes # 0
Posted May 13, 2013 at 11:43AM
Go on youtube and search your problem there is a tutorial on there by "Britec09" who does very helping tutorials.
Likes # 0
Posted May 13, 2013 at 11:48AM
I can select the Safe mode options, but whichever I choose it still puts me into the MS DOS window with same error message as above.
I typed MSCONFIG and disabled all items for startup, rebooted and it has still brought me back into the dreaded MS DOS box.
How can I get into admin mode via an MS DOS command, in order to do the SCANNOW?
Likes # 1
Posted May 13, 2013 at 12:28PM
1) Was removal of this file actually successful in removing the virus?
Partly it has removed the ransom screen message and lock up but the part of the virus starting the ransom screen is still there.
2) How can we fix the above DOS error message and successfully boot the PC into its normal Vista environment.
I think the way forward is to do a system restore to a point before the problem started. As you cannot get into Vista you will need to do it from the Advanced tools menu.
You need to look at Windows Repair Your Computer options.
- Startup repair - This automatically fixes problems that are preventing Windows from starting
- System Restore - This will Restore Windows to an earlier point in time
- Windows Complete PC Restore - This will completely restore your entire PC - programs, system settings and files - from a back up that you have previously created (Available in Windows Vista Business, Enterprise and Ultimate editions only)
- Windows Memory Diagnostic Tool - This checks your computer's memory hardware for errors
- Command Prompt - This opens a Command Window
With the Complete PC Restore Option you must have made a backup of your system, either on your hard drive or on a set of DVDs, in order to use this option. If you don't have a backup then don't use this option
How you access the repair options will depend upon whether you have a Windows installation disk or whether your operating system came pre-installed by your PC manufacturer.
Pre-Installed Options NOTE
If no repair options are available your PC manufacturer may have replaced the tools or customised them. Check your Computer Manual before proceeding.
1/ Start your PC
2/ If your PC has one operating system Press and Hold the F8 key as your PC starts. If the Windows Logo appear you will need to start again
3/ If you have a dual boot system a Boot option menu will appear. Highlight the Windows operating system and Press the F8 key
4/ In both cases, if all has gone well, an Advanced options screen will now appear
5/ Highlight the repair Your Computer option and Press Enter
6/ Select a keyboard layout, and then Click the Next button
7/ Next select your user Name and Enter your Password, then Click OK
8/ The recovery options should now appear
Windows Installation Disk NOTE
1/ make sure your PC can boot directly from the Windows DVD. Obviously, most modern PCs can. With older machines you may need to check the PC's BIOS
2/ Start the PC
3/ Immediately insert the Windows DVD into the DVD drive
4/ A Black screen will appear with the words 'Press any key to boot from CD or DVD'
5/ Press Any key to start the booting process
6/ A new screen will now appear with a progress bar. The legend say's 'Windows is loading files'
7/ After a few minutes the Microsoft copyright window ill appear and another small progress bar will be visible
8/ You will next see a Blue curtained screen
9/ After a short while the Language option screen will appear
10/ Select your language and keyboard language and the Click the Next button
11/ At the bottom left of the next screen - the Install screen, Click on the Repair Your Computer option
12/ The System recovery options will now search for your Windows installation
13/ Once the Windows installation has been located, Highlight it and then Click the Next button
14/ You are now presented with the set of recovery options
15/ Click on the Option you require and follow the onscreen prompts
Likes # 0
Posted May 13, 2013 at 12:39PM
Thank you Fruit Bat ... I've done this and having already inserted the Vista install disk it presents me with the option STARTUP REPAIR, upon selecting this it says the following...
Startup Repair Could Not Detect A Problem
And requests I click on Finish
Going to try SYSTEM RESTORE now from same menu...
But this comes back with ... No Restore Points Have Been Created On Your Computer's System Disk
Am I heading in the right direction??
Likes # 1
Posted May 13, 2013 at 1:01PM
System restore must have been turned off then or else the malware has turned it off?Start in safe mode choose CMD prompt.Right click run as administrator and then type sfc/scannow and see how that goes?
Likes # 0
Posted May 13, 2013 at 1:05PM
Yes am in Safe mode with Command Prompt. Laptop just showing the usual MS DOS box with the error message in. Have tried right click within this box but doesnt offer an admin option (just mark, paste, select all, scroll, find). Outside this box right click doesn't come back with anything...
Likes # 0
Posted May 13, 2013 at 1:29PM
In safe mode you'll have to go to start/all programs/accessories and right click command prompt and choose run as administrator and then enter sfc/scannow
Likes # 0
Posted May 13, 2013 at 1:48PM
no system restore point makes this hard.
You cannot run sfc and it would do no good anyway - you have a virus program that is booting with windows that needs to be removed.
This virus will have a random name making it hard to find.
do you have any docs, photos emails etc. on the machine that you are desperate to keep hold of? or is everything backed up?
If you can afford to lose all the data on the machine (due to having it backed up or nothing important on it) then the machine can be rest to factory condition.
Pleas give make and model for instructions on how to do this.
Likes # 0
Posted May 13, 2013 at 1:54PM
Maybe have to restore to factory settings from the advanced repair menu.There's an option to do this and save any files/user accounts?
Reply to this topic
This thread has been locked.