We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
metropolitan police virus/blue screen
Options
claire07
Posts: 670 Forumite
in Techie Stuff
Would appreciate any help. OH was on desktop last night (Windows XP) and seems to have ended up with the Metropolitan Police virus. I tried to load in safe mode this morning but ended up getting blue screen saying Windows has shut down to prevent damage and giving suggestions to check for viruses and some technical refs starting with Ox numbers.
I've looked at other threads and they all seem to have been able to get to the desktop in safe mode.
However as I can't get past the blue screen to the safe mode screen what should I do? I was hoping to do a system restore but can't the way it is.
I've looked at other threads and they all seem to have been able to get to the desktop in safe mode.
However as I can't get past the blue screen to the safe mode screen what should I do? I was hoping to do a system restore but can't the way it is.
0
Comments
-
Can you boot to safe mode with command prompt?
Otherwise: http://support.kaspersky.com/viruses/rescuedisk0 -
If you're able...Can you boot to safe mode with command prompt?
Using another computer, download the Microsoft safety scanner (MSS) to a USB memory stick
Restart the computer, press F8 continually until you reach the Advanced Boot options menu. Choose Safe mode with command prompt.
When it loads, log onto your normal administrator account & at the command prompt type explorer
This will open Windows Explorer (not Internet Explorer) where you'll be able to navigate through your file system. Plug in the USB drive and navigate to the MSS you downloaded and run that.
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3aWin32%2fReveton
Other method (Requires safe mode with networking if you can achieve this): http://www.bleepingcomputer.com/virus-removal/remove-police-central-e-crime-unit-reveton-ransomware
Scroll down to: Automated Removal Instructions for Police Central e-crime Unit Ransomware using the Emsisoft Emergency Kit:0 -
No, whenever I try any of the 3 safe mode options I get the blue screen. Also in addition to the Ox reference numbers it says to run CHKDSK/F. Is there any other way to get it to go into safe mode past the blue screen?0
-
The Kaspersky rescue CD doesn't require safe mode or that you boot into windows, so may be the better option.
You might want to follow the instructions in this tutorial for running chkdsk:
http://forums.whatthetech.com/index.php?showtopic=955740 -
Thanks for that. I'll give downloading the Kaspersky CD a try first and see how that goes.0
-
I've downloaded the Kaspersky Rescue Disk and done as it said to alter to boot from a cd in the booting up list. However it keeps saying there is no disk in the drive and it will not run.
I realise I must be missing something but is there any way I could do a system restore without having to go through to safe mode? Sorry if these are dumb questions but not used to this happening.0 -
-
That did it! That's great and thanks for all your help.
Is there anything else I should do to make sure it's all gone? I'm just surprised it got through microsoft security essentials and want to make sure it doesn't happen again.0 -
-
The 3rd party browser plug-ins Poppy mentions (You can add Java RE to Adobe) are to blame for the vast majority of this kind of malware installing through exploit. Malcoders realise the browser market is split so have a range of browser agnostic exploits.Stop using Internet Explorer
Update Adobe Reader and Flash to the latest version
Make sure Windows Update is set to automatically download security patches
IE is more secure now than previously and integrates well with MSE. Of course, change browsers if you wish, but the point I am making is outdated plug-ins will see you infected no matter what the browser.
Malware usually installs through a "Dropper" . Malcoders constantly repack and obfuscate these droppers to avoid detection by antivirus software. I've logged a malicous url before & seen the dropper it delivers being repacked every few hours to avoid AV detection. The AV companies are always playing catch up.Is there anything else I should do to make sure it's all gone? I'm just surprised it got through microsoft security essentials and want to make sure it doesn't happen again.
This should take 2-3 minutes.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just attach.txt for now and post it here (you may need to split the log over separate posts)0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 598.9K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards