Options
PC blocked
Paperhouse
Posts: 1,724
Forum Member
✭✭✭
I seem to have ransom ware on my PC. Even when not connected to the Internet my screen is taken over by an official looking page which states 'ATTENTION! Your PC is blocked due to at least one of the reasons specified below'. I am then accused of downloading porn and invited to pay a £100 fine. The page occupies all of my screen and I have no access to any computer function. What should I do?
0
Comments
In my opinion this is the only way to be sure of removing all of the malware of this type.
Whatever you do do not click on any links in the popup or even think about paying anything.
There are plenty of 'general' removal guides, but it's best to follow one which is specific to your exact version:
https://www.google.co.uk/search?q=ATTENTION!+Your+PC+is+blocked+due+to+at+least+one+of+the+reasons+specified+below
A lot of the guides will just encourage you to download their own (sometimes dodgy) software, so again, post more information so we can identify the malware.
In the meantime, see if you can boot into Safe Mode by tapping F8 as soon as you switch on.
Good luck...
That's the one 'Ukash scam'. But I can't find any way of starting in safe mode. Arrows don't work and neither does F8. Looks like a trip to my friendly PC repair man!
http://forums.digitalspy.co.uk/showthread.php?t=1815658&highlight=
You need to boot from a rescue disk if safe mode is not working.
If you mean that F8 and the arrows aren't being recognised as keypresses, that's usually down to a USB keyboard issue. Using a PS2 keyboard or altering a setting in the BIOS ('Enable Legacy USB' or words to that effect) will normally fix it.
Or, since I have no idea of how to do that, visit my friendly PC repair man.
At the end of the day, it's whatever is simplest for you...Good luck.
That could be an issue max especially if OP is using XP but I've seen a couple of posts on here in the last month or so where it disables safe mode.
True. The ones I've seen recently prevent Safe Mode from loading, but it's not clear from the OP's description if they can even call up the F8 menu.
Safe Mode not working makes it a bit harder to fix, but you still have the option of using a rescue disk (as per L8T's link), a Linux disk, or by connecting the drive to another machine and scanning/manually removing the infected files.
A lot of this ransomware consists of just a couple of .exe files, which are easily spotted and removed - as long as you can actually access them. Some, however, are far more difficult to remove.
For the avoidance of doubt, I can't call up any menu.
You absolutely sure it had disappeared? Perhaps it's just gone into lurking mode and is pilfering your login details for all sorts of sites without the user noticing. I'd be very cautious about knowingly having seen a virus of this nature on my PC, then not seeing any sign of it after taking no action myself - I'd be pretty convinced it was still there.
I would suggest that you tell your daughter to run Malwarebytes on her laptop. Perform a "full scan" of the C: drive.
The following keeps appearing on the screen..........
RunDLL Error loading C:\PROGRA~3\Jelwib.dat the specified module could not be found
Also..........
When doing a McAffee scan the follow appears on a blue screen...........
IRQL_GT_ZERO_AT_SYSTEM_SERVICE
Any ideas?