DON'T ever send any money to those crooks! There is a ransomware circulating asking you for money to unlock your system. If you send them money, they NEVER send you the promised unlock key.
You can try to boot into safe mode. Tap the F8 key as soon as you get past the post screen to get the startup options.
Try to uninstall any unknown app you can find.
In the start menu, all programms, startup. Remove any entry you don't recognise. You can remove everything if you want. If you are not sure, move the entries to another location.
Open ther registry editor.
Navigate to:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
You can safely delete all values at that location.
Delete any entry in the \RunOnce part.
Navigate to:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete every values.
Delete any entry in the \RunOnce part.
This will prevent applications to get launched automaticaly.
Open the explorer. Navigate to: Windows\system32\drivers\etc\
Open the extentionless hosts file in notepad.
Suppress all entries except for those:
127.0.0.1 localhost
Any line that you entered yourself.
The line begining with "#" are comments, or documentation.
Many malwares add entries here to prevent you from getting a cure, like accessing the Microsoft and AV sites.
Now, some advices:
You ABSOLUTELY MUST make sure that all Windows updated ARE installed as soon as possible. You MUST turn on the autoupdate feature. Set it to automaticaly download updates and ask you what to do. Then, install everything.
REASON: Most of the virus rely on you having unpatched flaws. Most virus exploit flaws that got patches some time ago, some times, over a year old...
Install an antivirus. I recomend AVG or Avira.
Both are available for FREE and do an excelent job.
Both can scan e-mail attachments before they can do anything.
Take the habit of asking confirmation BEFORE you install anything from an e-mail.
Place the attachments in a quaranteen folder for a few days and scan them for virus.
Electro
October 2011