Mant thanks for your reply to me greeting. As I am brand new to 'the world of the Forum' I am more than a little lost on this site! I have a very severe problem with a computer. I am not as yet able to see how to post this problem correctly and hope you wil assist. To explain:
The title it needs as a heading is
FBI Ransomware infection (latest UK version) If you could either redirect this or explain to me how to do so myself I'd be most grateful.
I am not an expert, but the guy who helps me with my IT has told me to give you the following information:
The PC infected is a Dell Vostro 1700 running XP Pro SP3, which has been hijacked by the UK "Kent Police" version of the FBI Ransomware infection. This is the version that in Safe Mode puts up a white screen before any useful action can be taken.
There is an extra complication you need to be aware of on this PC: there is a separate system partition which just contains NTDETECT.COM, ntldr, and boot.ini, providing the option to boot to the main (infected) partition, or a spare boot partition, also running XP but with different apps installed for occasional use.
The main boot partition containing MS Office etc. is now unusably infected, but the PC will still boot to the alternative XP partition. However, because the trojan hides itself so well, from the usable spare partition, no anti-malware stuff (including MalwareBytes) can find any problem when scanning the the infected boot partition (or the system partition, although presumably no infection here because it still allows the second option boot).
Because the system partition is separate from the infected boot partition, HitmanPro's usually effective Kickstart can't be used because it only seems to work with a common system & boot partition.
I'd be grateful for any help you can give me regarding this and also how to direct my posts accurately to the correct area of the forum without inconveniencing others.
Many thanks in advance,