Met Police Scam

Started by Lona, Sep 17, 2013, 11:54:15

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Lona

My hubby got the Met Police scam on his laptop (Samsung R720) and I tried to get rid by doing a system restore. 

That didn't work so I then ran Samsung repair and it made things worse.

When PC boots up it goes right to the command prompt saying windows\system32>. I can type in there but don't know what to type.  When I do ctrl alt delete it doesn't come up right but I can close down PC from there.

I ran Kapersky boot disc and it found loads of viruses but when I rebooted I can still only get to the command prompt.

I've ran out of ideas.


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Steve

No use to you, as I don't use windows however it may help if someone knows the OS as it may possible to 'repair'.
Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

Gary

Damned, if you do damned if you don't

Steve

Thanks Gary, it does appear that there is a possible solution further down that page.
Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

Glenn

Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

That's a link to this thread, Glenn.  I think she's already looked here.  ;D
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Glenn

Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

It's coming back to this thread on my iPhone.   :dunno:
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Lona

#8
Quote from: Gary on Sep 17, 2013, 12:07:01
This may help sounds similar. http://www.tomshardware.com/answers/id-1674756/cmd-prompt-appears-booting-windows-hitmanpro-remove-trojan.html

I can get into the registry using the Kapersky boot disc and when I go down to software/Microsoft there is another folder there called mircosoft. Looking in that there is windows\current version\ policies\ext\CLSID. I wonder is this valid registry entry?

Also under winlogon I have GPE Extensions and there's nineteen entries which I can't make head of tail of


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Simon

Can you get into Safe Mode, Lona?
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Lona

Quote from: Simon on Sep 17, 2013, 13:37:12
Can you get into Safe Mode, Lona?

Doesn't matter whither I choose safemode or safemode with networking I still boot in to the cmd screen C:\windows\system32


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Simon

There was a thing Sandra was always on about, called 'fixmbr'.  I don't know if this will help, but might be worth a read:

http://www.sevenforums.com/general-discussion/17521-how-fix-mbr-through-command-prompt.html
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Lona

I tried that Simon and it said Access denied as you do not have sufficient privileges. You have to invoke this utility running in elevated mode. What the hell is elevated mode? lol


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Glenn

Right click on the cmd prompt icon and select 'Run as administrator'
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

cavillas

I did find this and it might help,
To solve the boot issue:1.Put the Windows  installation disc in the disc drive, and then start the computer.
2.Press a key when you are prompted. 
3.Select a language, a time, a currency, and a keyboard or another input method, and then click Next .
4.Click Repair your computer .
5.Click the operating system that you want to repair, and then click Next . 
6.In the System Recovery Options dialog box, click Command Prompt .
7.Type Bootrec /RebuildBcd, and then press ENTER. •If the Bootrec.exe tool runs successfully, it presents you with an installation path of a Windows directory. To add the entry to the BCD store, type Yes. A confirmation message appears that indicates the entry was added successfully.
•If the Bootrec.exe tool cannot locate any missing Windows installations, you must remove the BCD store, and then you must re-create it. To do this, type the following commands in the order in which they are presented. Press ENTER after each command.


Bcdedit /export C:\BCD_Backup

ren c:\boot\bcd bcd.old

Bootrec /rebuildbcd
1.Restart the computer.
Good Luck
------
Alf :)

Lona

Sorry Alf none of that worked

I got as far as Bcdedit /export C:\BCD_Backup but after that it couldn't find anything


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Simon

Looks like your options may be narrowing towards a full Windows Recovery, Lona.  :(
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Lona

Quote from: Simon on Sep 17, 2013, 17:06:19
Looks like your options may be narrowing towards a full Windows Recovery, Lona.  :(

I know but Hubby didn't backup any of his files. I can't get into his network from mine as his connection is gone. I think I might try ethernet to ethernet between the two pcs to see if I can get into his files.


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Simon

Don't take my word for it, but I thought a Windows Recovery didn't affect your files - it's basically an overlay install, replacing missing bits and repairing problems.  But do hold on for further advice on that, as I'm not certain. 
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Glenn

Download and burn a copy of Hirens 15.2. Boot from it and select Mini XP, once that loads you will have access to the hdu to copy off the files to a flash drive or external HDU.
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Steve

I wonder as I'm using a Mac that it's taken a fair bit of time to find a download link for Hirens, certainly it's pretty comprehensive.
Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Steve

#22
There's no download link there for me!
Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Now you come to mention it, I can't see a link either.  Maybe it's hidden unless you're using Windows?  :dunno:
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Clive

Forgive me for asking Lona, but what is this Met Police scam you've been infected with and how did you acquire it?  I'm just surprised that anything got underneath your radar.  I've just had a very clever e-mail purporting to be from my credit card company and received on the exact date I would expect to be told my bill is ready to be viewed online.  It said there was an urgent message for me and the click the link to receive the informations.  The logo was spot on but the "informations" triggered an instant alarm bell.  I used my usual link access the account and, unsurprisingly, there was no message for me. 

Lona

Quote from: Simon on Sep 17, 2013, 17:17:32
Don't take my word for it, but I thought a Windows Recovery didn't affect your files - it's basically an overlay install, replacing missing bits and repairing problems.  But do hold on for further advice on that, as I'm not certain. 
I tried a windows recovery from disc but with the same results. I managed to get into the laptop from this PC using ethernet to ethernet cable and was able to copy all his files onto a memory stick so if I have to do a complete installation of windows it's just a matter of re-installing his software. 
I'm going to go into the registry via Kapersky boot disc and delete that mircrosoft folder that's spelled wrong just to see what happens.


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Lona

It wasn't my computer Clive, it was Hubby's.  He wanted to know why everybody was talking about Geordie Shore so decided to google it.   ::)


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Simon

Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Clive

Me neither!  But I didn't think for one moment that you would fall for anything like that.   :D  Mrs Clive fell for a happy birthday scam from Facebook a few days ago and it took me an afternoon to sort that out!

Gary

Geordie Shore is a god-damn awful  TV show about drunk Geordie girls and guys who shag alot and make fools of themselves, it's reality TV at worst and there is no good reality TV, there was a huge fuss in the media about it years ago, and its still running. Doubt that would give a virus, maybe turn his hair white though.  ;)
Damned, if you do damned if you don't

Lona

Quote from: Gary on Sep 17, 2013, 22:04:57
Geordie Shore is a god-damn awful  TV show about drunk Geordie girls and guys who shag alot and make fools of themselves, it's reality TV at worst and there is no good reality TV, there was a huge fuss in the media about it years ago, and its still running. Doubt that would give a virus, maybe turn his hair white though.  ;)

He's learned his lesson, Gary >:D


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Lona

Had to do a complete re-install in the end. Trying to set up his hotmail account on livemail and can't remember the settings :(


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Simon

Ouch!  Sometimes a complete reinstall is the quickest and best way though, otherwise you could have spent days trying to sort it out, and at least he'll have a nice clean PC to bugger up again!  ;D
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Gary

Sorry to hear you had to do a reinstall Lona  :(
Damned, if you do damned if you don't

Lona

Surprise surprise, after re-installing I couldn't believe it when the D drive was still intact.  I thought when it said you would lose all your data it would be like back to the factory settings.

Most of his photos and important docs were on the D drive so I spent all that time and could have re-installed yesterday instead of wracking my brains trying to sort things.


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb:

Simon

If the D drive was a separate partition, it should have remained intact. 
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Steve

I think in the end the re install will give you potentially less issues in the future.
Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

Lona

Quote from: Simon on Sep 18, 2013, 07:10:12
If the D drive was a separate partition, it should have remained intact. 

The laptop came with two drives from new so I thought when I re-installed it would wipe the lot. What an operation setting up his windows live email account via hotmail.  It wouldn't accept his password and had to set up new password which had to consist of capital letters plus numbers. It just shows that nothing is perfectly private as they sent his link via my hotmail address. Here was me thinking I was anonymous


If one took the Scots out of the world, it would fall apart
Dr. Louis B Wright, Washington DC, National Geographic (1964), from Donald MacDonald, Edinburgh :thumb: