[wumbobabo]

Hey guys. So my uncle's windows xp old dell computer got infected with a pretty wicked virus (picture is attached). From what I can gather it's saying windows isn't legit in german, and wants 100 euros from a paypal account to make it legit...

Obviously its legit because its a dell with the serial number on the case @_@

Anyways when you do a fresh boot, windows will load up for about 30 seconds while it's loading all of the components and I can even click the start menu to try and msconfig and stop it from starting up and ctrl alt delete quickly but I can't view the msconfig nor the task manager. I have no idea what this virus is even called so I can't even google how to fix it. If anyone has a fix or just the name of it so I can google how to fix it that would be great

Thank you

Attached Thumbnails

• 

[Advertisements]

Hi are you able to access safe mode at all ? This is called Ransomeware and we may have to work outside of windows

If not then .....

OK next we will work outside of windows then Please print these instruction out so that you know what you are doing

• Download OTLPENet.exe to your desktop
• Ensure that you have a blank CD in the drive
• Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
• Reboot your system using the boot CD you just created.Note : If you do not know how to set your computer to boot from CD follow the steps here
• As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
• Your system should now display a Reatogo desktop.Note : as you are running from CD it is not exactly speedy
• Double-click on the OTLPE icon.
• Select the Windows folder of the infected drive if it asks for a location
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start
• Drag and drop this attached scan.txt into the Custom scans and fixes box, or double click the scan box
  
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive C:\OTL.txt
• Copy this file to your USB drive if you do not have internet connection on this system
• Right click the file and select send to : select the USB drive.
• Confirm that it has copied to the USB drive by selecting it
• You can backup any files that you wish from this OS
• Please post the contents of the C:\OTL.txt file in your reply.

[Essexboy]

Hi are you able to access safe mode at all ? This is called Ransomeware and we may have to work outside of windows

If not then .....

OK next we will work outside of windows then Please print these instruction out so that you know what you are doing

• Download OTLPENet.exe to your desktop
• Ensure that you have a blank CD in the drive
• Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
• Reboot your system using the boot CD you just created.Note : If you do not know how to set your computer to boot from CD follow the steps here
• As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
• Your system should now display a Reatogo desktop.Note : as you are running from CD it is not exactly speedy
• Double-click on the OTLPE icon.
• Select the Windows folder of the infected drive if it asks for a location
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start
• Drag and drop this attached scan.txt into the Custom scans and fixes box, or double click the scan box
  
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive C:\OTL.txt
• Copy this file to your USB drive if you do not have internet connection on this system
• Right click the file and select send to : select the USB drive.
• Confirm that it has copied to the USB drive by selecting it
• You can backup any files that you wish from this OS
• Please post the contents of the C:\OTL.txt file in your reply.

[wumbobabo]

ok im starting this process now. and no even in safe mode it would come up with that message

[Essexboy]

OK if I have the right variant it should be fairly easy to fix

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.