Dear Folks –
My computer has been hijacked by some kind of ransomware.
There is an annoying voice with an English accent saying “<Your (I think—word is slurred)> PC is blocked. To unblock the computer you must pay the fine through MoneyPak of three hundred dollars.” It has an elaborate display claiming to be from the FBI Cybercrime Unit, which can not be shrunk, shut down or moved. The start menu and Explorer bar are missing, as are all the icons on my desktop.
I am running Windows XP with Service Pack 3 on a Compaq 6910p.
<ctrl><alt><del> brings up the usual popup window, but when I press the button for the Task Manager it just goes back to the FBI display.
Attempting to boot the system into Safe Mode or Safe Mode with internet results in the Blue Screen of Death briefly flashing on my screen, lines scrolling by almost too fast to read, and then a reboot. The last line before the reboot refers to hpdskflt.sys.
Attempting to boot to the Windows Recovery Console results in the following message:
“A disk read error occurred.
Press Control+Alt+Del to restart.”
I borrowed a friend’s computer and downloaded Kaspersky Rescue Disk 10 and burned it onto a CD. I then ran it following the instructions given. When I tried to update the virus definitions it told me that the site was unavailable. The same thing happened when I tried to open the Kaspersky site with the Web browser provided by the rescue disk.
I am connected to the internet by an ATT Uverse account and router. I have both a WiFi and a physical LAN connection to the router.
So I ran the virus search without updating. I checked the additional box for a search of my C: drive. The report came back about 6 hours later and showed zero problems of any kind. However, when I rebooted my machine in Windows, it was still locked in the same way.
Now I don’t know what to do. Help!