Police ransomeware

Mikes

New Member
Thread author
Jan 15, 2013
6
Downloaded your HItman Pro onto a USB stick and went through your instructions/. However, the infection is still active and lin control of my computer...
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Hi and welcome to the malwaretips.com forums!

I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:
  • I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.


Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
<hr />

Are you able to start the computer in safe mode or any other mode in Advance Boot Options?


<h3>STEP 1 : How to Start your computer in Advance Boot Options</h3>
<ol><li>Remove all floppy disks, CDs, and DVDs from your computer, and then <>restart your computer</>.</li>
<li><>Press and hold the F8 key as your computer restarts</>.Please keep in mind that you need to press the F8 key <>before the Windows start-up logo appears</>.
<em>Note</em>: With some computers, if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the "F8 key", <>tap the "F8 key" continuously</> until you get the Advanced Boot Options screen.</li>
<li>On the Advanced Boot Options screen, use the arrow keys to <>highlight Safe Mode with Networking</> , and then <>press ENTER</>.
<img title="Safe Mode with Networking screen" src="http://malwaretips.com/images/removalguide/safemode.jpg" alt="[Image: Safemode.jpg]" width="539" height="292" border="0" /></li>
</ol>
<hr />
 
Last edited by a moderator:

Mikes

New Member
Thread author
Jan 15, 2013
6
Mikes said:
Downloaded your HItman Pro onto a USB stick and went through your instructions/. However, the infection is still active and lin control of my computer...
Hi there glad to have you at my elbow!

The malware does not let me boot up in any safe modes nor does it allwow me to start up from a rescue disk.
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
If you can't boot, we are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again. You will need access to another computer and a CD to perform the following. If you rather use an USB for this, please follow the instructions here

If you choose to use a CD,

Download the OTLPE Standard REATOGO Windows Recovery Environment.
  • Place a blank CD-R disc in to your CD burning drive.
  • Download OTLPEStd.exe and double-click on it to burn to a CD using ISO Burner.
  • Reboot your system using the boot CD you just created.

    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to Non-Microsoft
    • Press Run Scan to start the scan.
    • When finished, the file will be saved in drive C:\_OTL\MovedFiles
    • Copy this file to your USB drive if you do not have internet connection on this system
    • Please post the contents of the OTL.txt file in your reply.

<hr />
 

Mikes

New Member
Thread author
Jan 15, 2013
6
The malware does not let me boot up in any safe modes nor does it allwow me to start up from a rescue disk.
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Are you able to see the Boot Device menu? When you try to Boot from the Rescue Disk what you are getting?
 

Mikes

New Member
Thread author
Jan 15, 2013
6
Yes,sorry - my keyboard driver decided to stop working.

I downloaded the rescue disk, but it won't fire up - I've burnt three cds but when trying to book the computer, each each gives me a blue screen with a message. I also treid dwonloading the program file , ut I got eactlly the same...
STOP 0x000000 (0x8DA528, 0xC0000034,0x00000000, 0xo
00000000
 

Mikes

New Member
Thread author
Jan 15, 2013
6
kuttus said:
Mikes your last replay was a Blank one...
Yes,sorry - my keyboard driver decided to stop working.

I downloaded the rescue disk, but it won't fire up - I've burnt three cds but when trying to book the computer, each each gives me a blue screen with a message. I also treid dwonloading the program file , ut I got eactlly the same...
STOP 0x000000 (0x8DA528, 0xC0000034,0x00000000, 0xo
00000000
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Are you able to Enter into BIOS Settings? If you are able to Enter into BIOS Settings change your Boot Priority... Change the First Boot Device as CD/DVD.. Then try to Boot from the Boot CD/ Rescue Disk we created...
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top