Repairs Design Furniture
Expand
the main

Unlocking Windows: How to remove Windows lock banner? If you suddenly forgot the Windows password: I break the password! Viral locking computer

As a rule, it is Troyan from the WinLock family. It is easy to determine it: if an image of pornographic or, on the contrary, a business character appears on the screen, and at the same time the computer stops responding to the commands - this is our client.


The banner often contains the message "Your computer is blocked" and the sentence to send a paid SMS or make money on the specified account, - allegedly only after that a harmful banner (and with it and the PC lock) will disappear. On the image, there is even a field where you need to enter a special code that must come after the implementation of the above requirements. The principle of operation of such malicious elements is reduced to the substitution of the SHELL parameters in the shell of the operating system and the leveling of the functions of the WINDOVS conductor

There are several generations of extortionable viruses. Some of them are neutralized in a couple of clicks, others require manipulations of more serious. We will give ways by applying which you can cope with any Trojan of this kind.

Method number 1.

Task Manager

This method will work against primitive Trojanov. Try calling a regular task manager (Ctrl + Alt + Del or Ctrl + SHIFT + ESC key combination). If it succeeds, find in the list of processes what should not be launched and complete it.

If the dispatcher is not called, you can still use the processes manager through the Win + R keys. In the "Open" field, enter the word "notepad" and press ENTER, "thus you will open the Notepad application. In the subsequent application window, type arbitrary characters and briefly press the on / off button on your laptop or stationary PC. All processes, including Trojan, will immediately end, but the computer does not turn off. While the virus is deactivated, you can find files related to it and eliminate them or perform an antivirus check.

If you did not have time to install Anti-virus software, you ask: how to remove the virus extortion from the computer? In most cases, siblings of the evil family of WinLock are made through the directories of any temporary files or temporary browser files. First of all, check the way:

C: \\ Documents and settings \\ directory in which the username \\ and

C: \\ Users \\ Catalog by user name \\ APPDATA \\ Roaming \\.

They are looking for "ms.exe", as well as suspicious files with an arbitrary set of characters like "0.277949.exe" or "hhcqcx.exe" and remove them.

Method number 2.

Remove the virus files in a free break

If the first method did not affect Windows blocked - what to do in that case? It's not worth upset here. So, we encountered an advanced Trojan, which replaces the system components and sets the blocking to start the task manager.

In this case, we will have to choose work in safe mode. Restart the computer. When you start Windows, hold F8. In the menu displayed, select "Safe Mode with Command Line Support".

Further in the console should be written: "Explorer" and press ENTER - you start the conductor. After that, we prescribe the word "regedit" on the command line and press the Enter again. So we will call the registry editor. In it you can find the created Troyan records, and also - the place where its autorun is going on.

The paths to the files of the zlopacket component will most likely, in the shell and userinit keys (in the first it is prescribed explorer.exe, and in the "Userinit" it is easy to determine its semicolon). Further, the order of actions is: Copy the full name of the detected viral file with the right button to the clipboard, on the command line we write "del", after which we put the space and insert the copied name. ENTER - and ready. Now you know how to remove the virus-extortionist.

We also do with the other contagious files.

Method number 3.

System Restore

Load the system in safe mode, as described above. We prescribe in the command line: "C: \\ Windows \\ System32 \\ Restore \\ rstrui.exe". Modern versions will understand and simply "Rstrui". Well, naturally, ENTER.

The "Restore System" window will pop up in front of you. Here you will need to choose a recovery point, or rather, the date preceding the getting of the virus on the PC. It can be yesterday, maybe a month ago. In short, choose the time when your computer was 100% clean and healthy. That's all unlocking Windows.

Method number 4.

Emergency disk

This method suggests that you have time to download software from another computer or go to a friend. Although, maybe you probably have already acquired?

Special software for emergency treatment and recovery of the system by many developers is shipped directly in anti-virus packages. However, the emergency disk can also be downloaded separately - free and without registration.

You can use ESET NOD32 LiveCD, Comodo Rescue Disk, or. All these applications work according to one principle and can be placed both on CD, DVDs, so on the USB drive. They are automatically downloaded along with the integrated OS (most often it is Linux), block the launch of Windows and, respectively, malicious elements, scan the computer for viruses, remove dangerous software, treat infected files.

What if you forgot the password from the computer? This guide will tell you how to do if you forget the Windows password and how to solve this problem without reinstalling the operating system. In addition, we will consider other possible problems with passwords. Windows 10 and Windows 7 operating systems have improved security features compared to earlier Windows XP / 2000 systems.

By the way, it is possible on your PC one of the frequently used passwords, a complete list of popular passwords, see.

In the extreme versions of Windows, a more efficient password system is used, designed to be used in business so that no one without the necessary authority can access information on your computer. This is a stick about two ends. Most users at least once forgets some important password. And then the user / owner of the information becomes the enemy without access "for his computer.

Naturally, for each way of protection there is a way to get around it, especially if you have physical access to the computer.

In this article, we will look at various methods of protecting the computer using the password and how to get around them. We begin not with passwords of user accounts, but with no less important passwords, such as BIOS passwords.

How to "get around" Password BIOS?

Password BIOS. - One of the oldest ways to protect the computer from unauthorized access and one of the most common. Why? This is one of the most effective means if the user does not have access to the system unit. Otherwise, it is like locking the house into a variety of locks and leave the window open.

The default BIOS settings in all system boards do not store password information. So everything you need to do to remove the BIOS password - just reset the current settings by restoring the default configuration. But remember that the reset of the current BIOS settings will destroy not only the password, but all the same settings that you installed yourself.

There are two ways to reset the BIOS settings. Most system boards have a special jumper to clean CMOS (the memory in which the BIOS settings are stored). Usually this jumper is located near the battery on the motherboard, but it is advisable for complete confidence to refer to the instructions from the motherboard. On some motherboards, instead of jumper, there are simply two contacts that you need to close the metal object to reset the CMOS, such as a screwdriver.

If you have a jumper on your board, turn off the computer to clean the CMOS, install the jumper so that it closes the contacts of the jumper, and press the computer's power button. Your computer will not start loading, but the installations in CMOS will be reset. Remove the jumper and turn on the computer again. Most likely, you will see the request on the screen to press F1 to install the BIOS parameters. If you are satisfied with the default settings, press F1, and in the BIOS menu, select 'Save and Exit'. After that, the computer will boot as usual, with the exception of the BIOS password.

If you do not know where your board is the necessary jumper or there is no, which is quite possible, you will have to go to another. On each motherboard there is a battery that is a power source for CMOS memory, allowing you to save information. As a rule, this is a standard CR2032 battery.

To clean CMOS, turn off the computer and remove the battery (you may need a thin screwdriver). After 5-10 minutes, install the battery in place and turn on the computer. The default parameters will be installed in the BIOS, and the password will not be. To continue the download, you will need to press the F1 key, and if you set up the default settings, select the 'Save and Exit' menu that appears in the BIOS menu.

As you were convinced, all this is very simple on the desktop, but with a laptop, the BIOS password can become a serious problem. Due to the frequent theft of laptops, the manufacturers take care of accessing, bypassing the password, it was almost impossible. So, if you forgot the BIOS password from your laptop, most likely you will have to contact the manufacturer's service center.

What if you forgot the password from Windows?

If the circumstances have developed in such a way that you have forgotten the Windows password, then, we recommend that you reset it is guided by the built-in account called the administrator. This is done in safe mode, during boot or reboot your PC.

To restore access to your computer, you will need to simply press F8 and in the menu already opened in which some additional options for downloading your operating system will be presented to your attention, you will have to choose the aforementioned "secure mode". Next, you need to select an embedded account, which, by the way, by default, cannot be protected by any password.

If you are all done correctly, since the above-mentioned sequence of actions accurately complied with the above, then you should knock out a window with a message that Windows works in the required, "safe mode" that is as simplified as possible. You will need to click "Yes" and go to the control panel - user accounts where the account icon is the password from which you are your own and want to lose. On the left you must select the "Change Password" item and enter the appropriate window, and after and confirm the new password. Ultimately, that the above-mentioned changes have entered into their legal force, you will need to restart the PC.

How to hack Windows password on a computer or laptop?

In order to do this, you will have to adhere to the following sequence of actions:

  1. Prepare a CD, or the same flash drive to which a special set of resuscitation programs that intend to restore Windows will be recorded. You will need to insert it into the drive or in the appropriate port during the subsequent reboot of the computer. This resuscitation software package can be prepared independently by downloading a program there intended to separate, save and recover data, or even download some, are ready, RBCD 10.0, for example;
  2. During the PC start, in order to go to the BIOS, press the "Delete" button. There we will need to change the priority of the installation and assign the computer download from the CD-ROM. After that, we visit our boot disk into the drive and reboot PCs;
  3. Going into my resuscator disk, which should appear with us after the resuscitation package is loaded, we must select the editable copy of Windows and go to "System Recovery" mode - a section that will be in you at the bottom of the page;
  4. We are looking for a command line and enter the "regedit" there (we look for it in the dialogs of the same window). We find, and after and allocate the HKEY_LOCAL_MACHINE section, in which we need to choose File, and then Load Hive;
  5. Open the file "SAM" and select the section - HKEY_LOCAL_MACHINE \\_name \\ Sam \\ Domains \\ Account \\ Users \\ 000001F4. Twice click on the key placed there and go to the very first value located in the string that we need to replace the number 10;
  6. In the same section, select "File", and then "Load Hive". Click "Yes" to confirm the unloading of the bush. We close the registry editor, thus end the installation process, take the flash drive or disk and reboot the computer.

How to find out the password from the computer?

Question: How to hack the password on the computer, remains relevant until now. Unfortunately, it is really possible to find out the password from the computer, it is possible only correctly in hand in hand. Therefore, if you are not ready to spend a few hours of your free time on this process, we strongly recommend that you just reset it and come up with some kind of new one.

Again, it is much easier to just reset the password and come up with some new one. However, if you need to find out the password, we recommend that you use the program for this purpose what is called, from the image of which you will need to make a boot disk. By setting up the BIOS booting from the drive and installing this program, immediately at the input to the desktop, you will open the window in which you can see usernames, including administrator, as well as passwords from their accounts.

Worth the question: what to do if I forgot the password from my own PC, it is absolutely not necessary to use the above methods of its recovery. Password reset in the Windows 7 operating system, can also be made using the Net User command. For this case, during the restart of PC you need to press F8. Thus, you can open the menu allows you to make additional options for downloading this operating system in which you will need to choose not just "safe mode", and such that would also support a command line. While in it, you will need to choose the built-in administrator account and in the command interpreter window, immediately, after that, the system invitations appear where you need to enter the Net User Name "Password".


We assume that you yourself understand that instead of the "username" you need to enter the name of your local user account, and instead of the "password" you have a new password. If you are all done correctly, in order to close the window, you will need to register on the command line: EXIT and restart the PC.

How to reset the password on windows 8?

In the case of this operating system, things are much simpler! Password reset on Windows 8, can be implemented as follows:

  • You will need to click on the login screen to click on the special power icon, which is in the lower right corner of your screen;
  • Next you will need to press the SHIFT key and click "Reboot";
  • Click "Troubleshooting";
  • Click "PC Reset";
  • Click "Next" and the system will automatically restart in order to start preparing for the password reset.

How to reset the password on windows 10?

It's not so difficult to reset the password to users of Windows 10, of course, provided if they have access to email, or the same to the phone to which their account was tied. Otherwise, you will have to drop the password from the flash drive, as it has already been described above.

How to reset the Windows 7 administrator password?

Upload the Windows 7 administrator password is best through the Windows command interpreter. Observe the following sequence of actions:

  1. First, run it. You can do this while holding the following path: Start - Run - Start the program - CMD. In the command interpreter opened menu, you will need to enter: Control UserPasswords, after which you will open the window called "User Accounts";
  2. Highlight the password account from which you want to reset and do not forget to remove the checkbox of the "Require user name and password" checkbox;
  3. In the window that opens, you will need to enter, and after and confirm the new password. Next, in the command boot window, you need to enter Exit and restart the PC, as usual.

View passwords that store windows

In addition to the passwords of access of various users, Windows stores and a number of other, no less important: password connecting to the Internet, passwords of mailboxes or access to Web sites. They are usually quite a lot, so it is quite natural that they are forgotten with time.

The operating system offers the "Auto-Fill" function for passwords and other frequently entered information in browsers (Google Chrome, Yandex.Browser, Opera (Blink), Firefox, Explorer 11 and D.R.). So not a rare situation when the user enters the password once, and in a few months, naturally, can not remember it. Everyone understands that important passwords need to be recorded, but they do not all. And if you no longer remember the password, how to find out, because it is displayed in the form of a row of stars: ******?

The solution is offered programs from different manufacturers that can get a password from this row of stars. There are quite a lot of freely distributed programs to decode Windows passwords or hidden passwords from input rows in various browsers.

We will use the program from Passware. This is a convenient in handling a freely distributed program that analyzes the passwords hidden as stars and informs them to you. It is very easy to work with her. It is enough to highlight the string with the password and click the 'Recover' button.


Of course, there are also commercial versions of programs that, as a rule, have a large set of functions. For example, the Password Recovery Toolbox program scans the system and defines saved passwords, data stored for automatic fill, Outlook Express passwords, passwords for connecting to the Internet, etc. This information is then presented in a convenient form. A few more alternatives above the programs described:, or Password Viewer.

Windows XP users passwords

Windows XP stores user passwords in the changed form. For example, Password password will be stored as a string similar to this: 'HT5E-23AE-8F98-NAQ9-83D4-9R89-MU4K'. This information is stored in the file called SAM in the C: \\ Windows \\ System32 \\ Config folder.

This part of the SAM file is encrypted by the SYSKEY system utility to improve password security. The data required to decrypt information after SYSKEY is stored in the System file in the same folder. But this folder is not available to anyone from users. Access to it has only the operating system itself during its work. You can access the SAM and System files only running another operating system or connecting the disk to another computer with the Windows system.

All versions of Windows XP have an ADMINISTRATOR account. This name gives the user full access to the system and the ability to reset passwords of all other users. It can save you if you for any reason can not go under your usual password of the user. The specific use of the administrator password depends on the Windows XP version: XP Professional.

The administrator password is set during the installation of the operating system. If you recorded it or simply pressed Enter, leaving it empty, then you will easily enter the system as an administrator and reset user passwords. To enter the system in the administrator mode, on the screen with a greeting system, press twice Ctrl + Alt + Del, a window will appear to enter the administrator password.


When the computer boots, go to 'START \\ CONTROL PANEL \\ User Accounts' (Start \\ Control Panel \\ User Accounts) and change the required password. Since you are here, it is a good opportunity to correct your error if you left the administrator password empty. In addition, it is desirable to change the name of the 'Adminisrator' account. This name is known to everyone and use it first to access your computer. To change the account name, right-click on the 'My Computer' and select 'MANAGE'. Open 'Local Users and Groups' and open the 'Users' folder. Right-click on the 'Administrator' entry and change it.
XP HOME.

This system will not let you just get access to the computer in the administrator mode. First you will need to download the computer in the protection mode from failures. To do this: restart the computer; Immediately after testing BIOS, press F8 several times; In the menu that appears, select 'START Windows XP In Safe Mode' (download Windows XP in failure protection mode). When the computer boots, go to the name of the 'Administrator'. The default password is missing. Now you can change user passwords by going to 'START \\ CONTROL PANEL \\ User Accounts' (Start \\ Control Panel \\ User Accounts). When you finish, restart the computer in the usual way.
Creating a disk dropping passwords

Windows XP allows you to record information on the usual diskette that provides the ability to reset the password. Naturally, if you have already forgotten the password and cannot access the system, you cannot create any disk, but you will start such a floppy disk in advance to protect yourself from such randomness.

To create a floppy disk: Go to 'START \\ CONTROL PANEL \\ User Accounts' (Start \\ Control Panel \\ User Accounts); Select the name under which you entered the system; In the related task menu, select 'Prevent A Forgotten Password' (prevent password forget); Follow the instructions that running the wizard.

To drop passwords using a floppy disk: If you enter a password when entering the system is incorrect, the system will ask, or you have not forgotten; At this stage, you can use your floppy disk, following step-by-step instructions of the operating system.

Be careful: If you used the built-in Windows capabilities to encrypt files and folders, but did not install the operating system update (Service Pack 1), the password deletes will result in loss of encrypted information.

Windows XP / 7/8 / 10 password change utilities

There are special utilities that allow you to edit or reset the passwords of Windows XP / 7/8/10 users. The principle of operation of most of them is to download the minimum version of an alternative operating system, such as DOS or Linux, which can be accessed by access to files with passwords.

An example of such a utility can be found at this address: http://home.eunet.no/~pnordahl/ntpasswd/ work instructions, as well as files to create Linux boot disk, are available on the same site.

Please note that if you used the functions of the operating system to encrypt files and folders by changing the password using any program, you will lose access to encrypted data. In this case, the following method can help, allowing not to replace the forgotten password new, and know the old one.

Password selection and decoding

If nothing else helps, but you have physical access to the computer, it means not all is lost. You can rewrite Config and SAM files and try to decipher passwords that are stored in them using special third-party utilities. As we have said, this will have to use an alternative operating system, such as DOS or Linux. And when files are at your disposal, you can use one of the password decryption programs, for example, LC4 or.

You will need:

  1. Access to another computer.
  2. At least two empty floppy disks.
  3. An archiver designed to work with the command line, for example, RAR.
  4. The DOS or Windows 98 boot disk (the image of the required disk can be obtained at http://www.bootdisk.com/) or the minimum version of Linux (for example, Knoppix). The need for boot disks disappears if you can simply connect your hard drive to another computer. If you use the DOS boot disk, and the partitions on your hard disk use the NTFS file system, you will need a program to access them that allows you to view sections in NTFS format, such as NTFSDOS.
  5. The program for receiving passwords. We recommend using, since the Bat version of this program is free, and the free version of the LC4 is very limited.

Using the loading flash drive:

  1. If there are sections in NTFS format on your hard disk, copy the NTFSDOS file to your boot flash drive.
  2. Copy the archiver (RAR) on the boot flash drive.
  3. Load a computer from this flash drive. If there are sections with NTFS, type the NTFSDOS command, this program will show which letter is assigned to your system disk, and it will be necessary to use it instead of the letter C in the next item.
  4. Place the system files with passwords in the archive. For example, if you are using the RAR32 archiver, the corresponding command will look like this: RAR32 A -VA: \\ Systemandsam C: \\ Windows \\ System32 \\ Config \\ System C: \\ Windows \\ System32 \\ Config \\ SAM If the files do not fit on one USB flash drive, archiver Asked you to insert the second.

Hacking passwords

Each of your selected programs will display a list of accounts detected in the SAM file. Choose those of them, passwords to which you need to determine. If you are using, select ATACK TYPE: BRUTE-FORCE. If you used only the numbers in the password, check the 'All Digits (0-9)' item. Start the password selection process using the command from the Recovery menu.

The selection of the password can last from 10 minutes to several hours, or even a few days, and it may end up. Especially if letters in various registers, numbers and special characters are used in the password.

This is a good way to verify the reliability of your passwords. If you want to just check your password, do the steps described above and see how long it will take its selection.

Programs for hacking password in Windows

Software that can help you crack a password in Windows There is a huge amount. In addition to the above-mentioned program, there is also Windows Admin Password Hack. But, unfortunately, it is impossible to call it now because it works only in Windows 2000 / XP. Its closest replacement is MULTIBOOT 2K10, which is essentially a functional boot disk.

conclusions

In any case, if someone from your loved ones forgot your password on Windows 7, well, or you yourself have been forced to come across this - do not despair, there are a lot of solving this problem. Well, in order to: how to hack a password on a laptop - you no longer arose, we strongly recommend that you save them anywhere, in notes inside your own smartphone, for example.

We hope that you do not have to resort to the methods described by us. So that such a need has not arise, remember that all important passwords need to record. And if there is a real need to protect information on your computer, use passwords from characters in both registers and numbers and do not use ordinary words. In this case, your passwords will be very difficult to hack.

3 more useful articles:

    A program that checks the reliability of user user passwords. This utility uses network administrators to calculate users with ...

    A simple utility that allows you to display passwords hidden stars. Compatible with all browsers, among them and ...

    Windows Repair is a rare type of program that can save your personal computer almost from all ...

Greetings to you, dear visitor Blog Ferrmen. Surely, you heard, and maybe even got into such a situation when after a file or visiting a dubious site on the Internet, the PC suddenly became unmanaged. And even a banner appeared with the requirement to enter the code to unlock your computer which can be obtained by sending SMS or replenishing the score of the specified phone to a certain amount.

What do you think in this case? Submit to extortioners or still have a chance somehow unlock the computer without SMS? Let's look through several options for our actions in order not to become "" Doyle Cow "" for.

After all, after replenishing the account, they will already know your phone and most likely be able to log in at your cellular operator. So, it will not be much difficult to remove the money from your phone. But we will not despair and first try to cope with the problem yourself. So how?

Attempting to unlock from the banner through the task manager

This is one of the most simplest methods. Who knows, maybe fraudsters are not so literate and just bluff? So, call the task manager and remove the task performed by our browser. To do this, press the Ctrl + Alt + Del keys simultaneously (plusings, of course, do not press). Then in the window that opens, click "Run the Dispatcher":

This window can have different types, depending on the operating system, but I hope the essence is clear. Next appears the task manager. Here we must relieve the task of our browser. Click on the line with a browser and then on the button "Remove the task":


By the way, this method is applicable both for this and for any other task. For closing hung, for example. I must say, it is not always possible to do this from the first attempt, sometimes the task manager window flashes and disappears again. In such cases, it happens that it helps repeatedly pressing Ctrl + Alt + Del and repeated, and up to 10 times in a row! More, probably, it does not make sense. It turned out - good. Net worthy.

Attempt to unlock a computer through the registry

Now try the following option - more complimentary. We put the cursor in the code input field, click Ctrl + Alt + Del and look at the banner. Of course, it will not necessarily be the same as I have, but the proposal to send SMS or replenish the number and the line for entering the code or must be present. If, as a result of our actions, the cursor disappeared, it means the keyboard's attention switched to the task manager:


Now you can press TAB, and then enter and you must open an empty desktop, most likely, even without a "start". If this happened, now to "unlock our prisoner" you need to go into the registry, as viruses are usually prescribed there.

Click Ctrl + Alt + Del. Then "Run the task manager." In the new window that appears, the "File" window, then in the drop-down menu "New task (execute ...)":



In the following, we prescribe the command "Regedit" after which we press "OK":


You can call the "Run" command and easier if, of course, turn out on the keyboard of the Win + R button. Who does not know, Win is a key with a picture of Windows, usually downstairs in the left end of the keyboard. If everything happened we will be in. Here, be very attentive and careful. Do not touch anything superfluous. Because incorrect actions can lead to unpleasant, and sometimes unpredictable consequences in the computer.

So we need to get here: HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / Windows NT / Currentversion / WinLogon. I will show you two windows to be understandable where and what to press to implement this venture. In the first window, find a line with the inscription "HKEY_LOCAL_MACHINE" and click on the triangle to the left of it:


The list under this line will unfold. There it is necessary to find the "Software" string and also climb the triangle:

Do not scare the lists there are very large, about the bottom slider - move it to see the inscriptions completely. When it will come to WinLogon to WinLogon, already pressed on the triangles on the left, but on the word "WinLogon" itself. After that, translate the eye to the right panel, where it will be necessary to check the parameters: "Shell" and "userinit" (if you don't see the picture, it will increase):

We look at the Shell parameter - its value is only explorer.exe.. "" Userinit "" should look like this: C: \\ Window \\ ssystem32 \\ userinit.exe ,. Note that at the end after "EXE" is a comma! If there are some other values, then correct the above. To do this, it is enough to click on "Shell" or "" Userinit "" Right-click, click "Change", in the pop-up window to write the desired value. This, I think, will not cause you special difficulties.

Final work and actions for failure

In some cases, it happens that these parameters are in order. Then we find such a section: HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / Windows NT / Currentversion / Image File Execution Options and deploy it. If there is an explorer.exe subsection, we can remove without regret. Well, we did everything to unlock our "prisoner".

You can now restart the computer. If the virus is not more cunning, everything should

14.04.2016

Currently, there is a huge amount of viruses, good, modern anti-virus software can cope with the majority of "pests". Conditionally viruses can be divided into several groups, but the most common is spyware, advertising software and Trojans, which include and viruses - extortionists. Just about the latter and will be discussed in this article.

Recognize a computer infected with an extortionable virus quite simple. An image of a business, pornographic or other character appears on the screen. At the same time, the computer is either at all answers the commands, or responds, but the picture takes almost the entire visible area. This is our client - trojan familyWinLock Or speaking easier ,.

The banner located on the screen has the following content: " Your computer is blockedSend money to the account or paid SMS. " After that, the banner along with the locking computer promises to disappear. Also in the picture there is a field in which the code you should allegedly get after payment. Do not panic and hurry to part with money. We will tell you.

The virus under consideration has several varieties, depending on the generation. Older can be neutralized with a pair of clicks of the mouse button. Others will require much more serious training. Do not worry, we present all the options out of such a difficult situation that will accurately help remove any similar Trojan.

Method number 1 - Task Manager

This method will help in the fight against old, primitive trojans. Call the task manager ( C.tRL+ S.hIFT.+ E.sC on windows 10 or C.tRL+ A.lt.+ D.el. on older versions of Windows). If the dispatcher starts, try to find a suspicious point in the list of processes. Complete this process.

If the dispatcher does not start, try running the processes manager (keys WIN.+ R.). Enter the command " notepad." in field " Open". After that, a notebook should be opened. Dial Arbitrary Symbols in the window that opens and click Briefly (sharply) the power button on the PC or laptop. All processes together with Troyan must automatically end. The computer will be enabled.

Now is the time to delete all infected files. It is necessary to find them and remove or scan discs. .

Suppose that according to the ridiculous randomness of the antivirus on the computer you did not put in advance. How to be? Siblings WinLock Usually closed in temporary files, including browser files. Try checking the following paths:

C: \\ Users \\ Folder with username \\ app Data. \ Roaming. \

C: \\ Documents. And. Settings \\ Catalog with username \\

Find " mS.EXE."Or other suspicious files, for example, with an arbitrary combination of symbols of the type" 89SDFH2398.exe." or " Hgb.hd.exe." Remove them.

Method number 2 - Safe Mode

The first way failed, and you still do not understand how to unlock a computer from the extortioner virus? It is not worth upset. Just our Trojan is more advanced. It replaced the system components and set the task manager launching.

To troubleshoot a malfunction, restart the computer by holding the F8 key when the system is started. In the displayed menu, select " Safe Mode with Command Line Support».

Then dial " explorer"In the console and click ENTER. Such manipulation will launch the conductor. We prescribe the word further " regedit."In the command line, click again ENTER. After that, the registry editor will start. Here you will find a place from where the autorun of the virus is carried out, and also created by the records.

Look for the components of the wicker virus in the keys Userinit. and Shell.. In the first it is easy to find a comma, in Shell. He is prescribed as explorer. eXE. Copy the full name of the dangerous file we found in the clipboard using the right mouse button. We write " del."In the command line, then a space, and then insert the name copied earlier. Zhmem. ENTER And enjoy the result of your manipulations. Now you know how to unlock a computer from the extortioner virus. We produce this operation with all suspicious files.

Method number 3 - system restoration

After the manipulations have done, it is necessary to log in again using the method described in method No. 2.. Write the following on the command line: " C: \\ Windows \\ System32 \\ Restore. \\ rstrui.exe. "Or in modern versions of concise" rstrui.", Then click ENTER. The window will appear on the screen. " System Restore”.

You should choose a date that precedes the appearance of the virus. This date is called a recovery point. It can be for the year or just a day before that ill-fated date when your PC has been attacked by a virus. In other words, select a date in which your computer was healthy and 100% clean. On this unlocking is over.

METHOD №4 - emergency disk

To do this, you need to download the necessary software in advance, use the second computer or visit a friend for this purpose. Software for the restoration of the system and its treatment is usually embedded in antivirus programs. However, they can be downloaded for free, separately, without registration.

That's all, now you know how to unlock a computer from the extortioner virus. Father be careful.

Hello, my readers! It is unlikely that the ordinary user of the Windows operating system can be surprised by the extortion of money using WinLock harmful Trojans, more famous in the people as "Windows Locker".

And it's not surprising, because every second inexperienced user, ignoring the importance of the security of your computer, automatically sent himself to a white list of scams, which, as practice shows, quite deftly "bred for money" frightened and confused beginners who do not know how to react to such a situation.

Therefore, answering questions: how not to become a victim of deception? And what to do if Windows is blocked? I propose to carefully examine the material below, which guarantees the disposal of the problem with several clicks of the mouse.

Where does everything start

Once in the evening, as usual browsing various sites on the Internet, reading the news feed, your computer may hang. And a terrifying banner may appear in the center of the screen, which flashes almost the entire desktop and asks to send an SMS (which is obviously not free) or asks to replenish the account, on the mobile number specified in the requirement. Otherwise, all materials from the computer will automatically be destroyed.

I will give you several delight tips, what to do if Windows is blocked and asks the code. I will give the best options for unlocking the system.

Without unnecessary movements

Fortunately, for some Trojans, it is really possible to choose the unlock code, which is even rare, but completely destroys the virus from the system.

You can choose the necessary code using known antivirus databases (and more specifically in a couple of minutes you can find key data on their main pages).

WINDOVS unlock service is available from the company:

  • "Doctor Web "
  • « Lab Kaspersky»

Open the required page in case your system is blocked, you can from any other PC, tablet or phone.

Important ! Unlocking access to the system, it is not necessary to rejoice prematurely. The next step is to check the disc with any antivirus.

System Restore

Before switching to the complex and cunning methods of special software, I suggest to try to eradicate the problem on hand at hand, or rather, to call the task manager with the way for you (usually Ctrl + Alt + Del).

Happened? Then I congratulate you are dealing with the ordinary and simple Trojan, which is easily removed quickly and quickly.

  • We find a suspicious foreign process in the list of processes.
  • Forcibly complete it.

An example of how your virus can look.

Often, third-party process has a vague name and highlighted without a description. Remove those in the list and force them forcibly. I advise you to do it well and alternately until the banner disappears.

If the miracle did not happen, and the task manager is not called, then I propose to go to step to use a third-party process manager Explorer.exe, which can be downloaded by reference. The program can be started using the "Run" command (Click Win + R).

In the Explorer.exe directive, the suspicious process to identify is very easy.

Military strategy

Another way, with which you can cope with the virus, is to use some standard programs, including an ordinary notebook or WordPad.

To do this, you "blindly" (after all, you cannot close or hide the banner) will need:

  1. Run the "Run" utility (Win + R)
  2. Push the "NotePad" in it and click on the "ENTER" key.
  3. Ideally, under the banner window, a new text file will start, in which you type any (no matter what) text and press the power off button on the system.
  4. Further, all the processes running in the system will begin to end, except for a notepad that will ask you to "save" or "close without saving" a document (which we, of course, remain unchanged).
  5. After deactivating the virus, as in the previous way, find the location of Trojan and destroy it.

More advanced way

For hacker viruses, "unreal complex" Trojans, the method of opposition to the task manager or other system components will not help.

Therefore, it is time to move to heavy artillery, or rather a safe mode.

Step-by-step instruction:

  1. Reboot your computer, and at the time of loading the operating system, hold the F8 key (sometimes the other button, it depends on your PC).
  2. In a new window (presupposing the selection of the boot method), select "Safe Mode + Command Line."
  3. After downloading, we prescribe Regedit on the command line, click the Enter and run the registry editor.
  4. We analyze the registry editor running applications on the PC.
    Most likely you will see the full path to the Trojan files located in the Shell's key and in the Userinit branch. In "Shell", the virus is prescribed instead of explorer.exe, and in the "Yuzerinite" is indicated after the comma.
  5. Copy the full name of the virus to the clipboard.
  6. We prescribe in the "Del" command line, press the space and the right mouse button call the context menu.
  7. In the menu window, select "Paste" and press the Enter.

Voila, the first Trojan file was successfully destroyed. We carry out a similar operation with the second and subsequent (if any).

Well, that's all, the main active ways to restore data access to the data I registered. If all the above, the actions described are difficult for you to make ignorance and fear are even worse, I recommend that you pass the learning course " genius genemist" He will help you to gain courage and sort out in the basics of PC ownership.

I hope now I can be calm for you and for the safety of your information. Be sure to share this useful information with friends in Soc. Networks, for sure, this material will also be by the way. Do not forget to subscribe to blog updates and install reliable antivirus! To new meetings!

Yours faithfully! Abdullin Ruslan

Did not find an answer to your question? Look at here
Girls Equestria on the rollers that might Magic - a real victoryGirls Equestria on the rollers that might Magic - a real victory
Read onlineRead online "History of Iran and Iranians
Latest Caliphs from the Abbasid dynastyLatest Caliphs from the Abbasid dynasty