This computer is configured to require a password in order to start up

startup password virus

 

When you get scammers calling claiming to be from Microsoft and they want access to your computer to fix a virus, they really are not from Microsoft. They will tell you that your computer has somehow contacted them and that you have a virus.  I have heard people tell me they got the call while the computer was turned off, and believe it or not they will fall for this complete SCAM.  When they gain access they will install a program that locks you out of your computer by putting a rogue registry file that will show prior to the Windows boot menu as shown above:  login box asking for a password you never set. This box comes up before the windows logon screen regardless if you have a preset password or not. You cannot bypass it by starting up in any option of Safe Mode – not even Safe Mode with Command Prompt. This is what you do to fix it.

You have to find a bootable utility disk like ERD Commander or Hirens Boot Disk, Boot up from the disk, not the infected hard drive and what you will do is backup the current registry files and recover the most recent registry backup which is available.

Navigate to %SystemRoot%/Windows/System32/config

You need to make a backup of the Following Files First

– Default
– System
– Security
– SAM
– Software

Then Navigate to Windows/System32/config/Regback

Copy all the contents from that folder to the previous config folder and say Yes to overwrite existing files.

Restart Your computer.

Windows will come up with a checkdisk prompt and you will let it run and do its thing.

*If check disk doesn’t run automatically you can run it manually by typing ‘chkdsk /r’ in the run command.

Windows will then logon normally without prompting you for the virus password.

 

 

Posted in Computers, Fraud, Laptop/Notebook, Security, Virus/Malware