Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Metropolitan police ukash trojan - need help removing [Closed]


  • This topic is locked This topic is locked

#1
Kev Pike

Kev Pike

    New Member

  • Member
  • Pip
  • 1 posts
Hi there,

I require help to remove the Metropolitan Police ukash trojan virus from my girlfriends laptop running vista business. It was unfortunately taken on last night (1st March) and when I told her to boot in safe mode over the phone, after logging in as the correct user it simply loaded a white screen saying 'please wait while the connection is beeing established' with what I presumed was a German trsnlation underneath. Obviously this is part of the virus. She has since come home from university today for help.

I originally tried following the online guides of booting up in 'safe mode with command prompt' and install the 'grindinsoft trojan killer' via the usb drive i had plugged in however it would not allow me to access the usb drive. I then tried the manual removal however I couldn't access 'regedit' as was blocked by adminstrator options. Only malware program that was on was microsoft essentials which couldn't detect it in 2 scans. I then searched for it manually by searching for .exe to find it in windows. I saw what I presumed was the virus, a load of random characters then .exe extension. I clicked this to make sure it was. It then brought up the white screen with the 'please wait while the connection is beeing established' again so knew I had found it.

I then hard reset it and tried to boot up in 'safe mode with command prompt' again but when i get past the log in again it continually brings up the white screen, like it did for my girlfriend last night. I have tried all 3 different 'safe modes' and it happens on them all.

How can I remove it when I cannot even get into safe mode?

Thanks in advance for the help.
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you have the ability to create a CD - that we can then use to boot into the system ?

OK next we will work outside of windows then Please print these instruction out so that you know what you are doing
  • Download OTLPENet.exe to your desktop
  • Download the attacherd scan.txt to a USB drive
    [attachment=56425:scan.txt]
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)
  • Your system should now display a Reatogo desktop.Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start
  • Drag and drop the scan.txt into the Custom scans and fixes box, or double click the scan box
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP