How to properly disable screen lock in Windows 7

Your Windows computer is locked: possible reasons for this phenomenon

So, let's start with the root causes of blocking the operating system itself, the registration record, the disk, or access to some applications. In general, there may not be many situations when it is reported that a Windows computer is blocked.

Among all the problems that occur most often, the following problems can be identified:

• the system is blocked due to lack of activation;
• access to programs is limited by the security system or administrator;
• The system is blocked by ransomware viruses.

Based on the presented root causes, we will now consider some solutions that can correct such situations. And let's start by blocking some functions of the system after installing it on the computer.

What to do if Windows 7 is locked after installation?

It is no secret that for all systems of this family, including the previously freely distributed tenth modification, a special license key must be entered during the installation process. However, in any installer you can skip this step, postponing activation of the operating system until later. The system will work, but its use is usually limited to thirty days.

If you do not enter the activation code during this time, a constantly hanging notification will appear on the screen in the system tray stating that, for example, Windows 7 is blocked. In other words, it will be impossible to use it fully. As is already clear, to correct the situation it is necessary to carry out activation. After the procedure is successfully completed and rebooted, the system notification that the Windows system is locked will disappear. Many users, unfortunately, constantly postpone registration, leaving this procedure for later, and do not at all monitor the expiration dates of the trial period. Thus, ordinary inattention leads to the fact that the entire system at one point stops working.

Using the activator

However, not all users strive to purchase official copies of the system and do not always have the necessary activation keys available. It is clear that in this case a message will again be displayed stating that Windows is blocked. What to do in such a situation?

There is a solution, although it can be attributed to some illegal actions on the part of the user that violate international law. However, this never stopped our user. If you want to activate the system without a key, just use utilities like KMSAuto Net, which perform this procedure automatically. The only thing you should pay attention to is the agreement to enter the reactivation process into the “Task Scheduler” (re-registration will be carried out every ten days). In addition, the file itself cannot be deleted. If an antivirus or the protection system of the OS itself (Defender and firewall) is triggered, the object must be added to the exclusion lists of all tools that monitor system security. In the firewall, you can immediately add a program to the list of allowed ones or create a new rule to run it. Exactly the same actions are performed in antiviruses.

2] Disable blank screensaver

If you are using a screensaver, make sure it is not set to blank. The problem is that you will never know that the screensaver is working.

• Type Screensaver in the search bar
• Click on Change Screensaver
• Check the drop down list to see if it is installed.
• If yes, change it to (no).

Click Apply and exit.

Administrator rights

But both the computer administrator and the system administrator can block access to Windows if network modifications are used. In this case, we are talking not only about limiting the use of programs or system tools, but even about the fact that logging in at the registered user level will simply be impossible.

So, if the administrator has blocked Windows 10 from logging in, the solution is obvious - you need to contact him to restore access. If you know the administrator username and password, the solution looks even simpler. Simply log in as an administrator, go to account management, select your registration and set the necessary rights or remove the lock. By the way, setting the appropriate rights to change system parameters or disabling control of “accounts” can also be useful if Windows 10 blocked the program, considering it unreliable when trying to install or when starting after its installation.

The simplest solution seems to be disabling UAC control, which can be accessed through the Windows search engine (so as not to rummage through various menus for a long time). In the settings window, you just need to move the slider to the lowest position, save the settings and restart. You can also disable the firewall and the TrustedInstaller service. If some applet has blocked Windows, you can unblock it, but by setting it to always run as administrator. To do this, use the properties section of the executable file or its shortcut with a check mark on the corresponding line so that the application always starts with the rights the user needs, and the system does not issue constant requests for trust. By the way, the same applies to the TrustedInstaller service, which can be disabled in the simplest way through the services section, where in the parameters it is first deactivated, and then the disabled start option is set for it in the startup type.

Blocking by viruses: options to correct the situation

Finally, one of the most common situations is the inability to log into the system, when a constantly hanging banner appears on the screen during the loading process notifying that the computer is blocked (Windows is blocked) due to visits to some dubious sites on the Internet or the distribution of unwanted content, which allegedly originates from your address.

In fact, the operating system itself does not provide for such a blocking, and the user is dealing with an ordinary ransomware virus, which, in addition to everything, also issues a requirement to pay a certain amount, after which the system should seem to return to normal. Do not even think about transferring anything to the specified details. You can get rid of this kind of virus using simpler methods:

• restore the system from a checkpoint;
• remove virus keys from the system registry;
• use antivirus software.

Why is Windows blocked?

Because you caught a virus from some dubious site. Perhaps these were cheats for a computer toy. Perhaps some program or Windows installation. I also had one case when this virus was caught while downloading an abstract.

By the way, very often on third-party sites the message “Your Flash Player is out of date, update it” pops up. If you click on it, you can catch this virus. Ignore such messages and update only manually and only from the official Adobe website.

More information on how to do this is written here: How to properly update Adobe Flash Player?

Something like this message pops up in browsers (with a virus, of course). In general, no one is immune from this.
And the ransomware banner appears everywhere: on Windows XP, 7, 8 or 10. You can, of course, install an antivirus and not go to dubious sites - this will reduce the likelihood of catching this infection, but there are no guarantees. Now let’s move on to the main thing and look at the most effective ways to remove the “Windows is blocked” banner.

Since your PC or laptop is not working and nothing can be done from it, in some cases you will need a second computer to solve the problem. It is with its help that you can find the necessary programs to remove the banner.

System Restore

Let's consider a situation where, for example, Windows XP is blocked. The system does not start, and at the stage of loading the “Desktop” the above banner appears.

To begin with, you can try to forcefully turn off your computer or laptop, then turn it on again and see if automatic recovery starts. If for some reason this does not work, turning it on and off will need to be done several times for the system itself to determine that an incorrect shutdown was performed.

If the recovery still does not work, the system does not boot, or at startup it turns out that the Windows account is blocked, you can use the classic method of selecting the boot type by pressing the F8 key at startup (in Windows 10 this option does not work, and you can use removable media). Here you simply choose to load the last working configuration and see how the system behaves.

If this does not help, try starting in safe mode, and then entering the system recovery settings through the “Control Panel” and performing a rollback using the checkpoint that preceded the virus’s penetration into the system (if there is no such point, click on link to show other points).

How to disable the lock screen in Windows 10

08/07/2016 windows

This instruction contains ways to completely disable the lock screen in Windows 10, taking into account that the previously present option to do this in the Local Group Policy Editor does not work in the professional version of 10, starting with version 1607 (and was absent in the home version). This was done, I believe, for the same purpose as disabling the ability to change the “Windows 10 Consumer Experience” option, namely in order to show us advertising and suggested applications. Update 2020: In version 1703 of the Creators Update, the option is present in gpedit.

Do not confuse the login screen (where we enter a password, to disable it, see How to disable the password when logging into Windows 10 and waking up) and the lock screen, which shows nice wallpaper, time and notifications, but can also show ads (just for Russia, apparently, there are no advertisers yet). Next, we are talking about disabling the lock screen (which can be called up by pressing the Win + L keys, where Win is the key with the Windows logo).

Note: if you don’t want to do everything manually, you can disable the lock screen using the free Winaero Tweaker program (the option is located in the Boot and Logon section of the program).

Basic ways to disable the Windows 10 lock screen

The two main ways to disable the lock screen include using the Local Group Policy Editor (if you have Windows 10 Pro or Enterprise installed) or the Registry Editor (for the Home version of Windows 10, also suitable for Pro), the methods are suitable for the Creators Update.

The Local Group Policy Editor method looks like this:

1. Press Win+R keys, type gpedit.msc into the Run window and press Enter.
2. In the local group policy editor that opens, go to the section “Computer Configuration” - “Administrative Templates” - “Control Panel” - “Personalization”.
3. On the right side, find the item “Prohibit the display of the lock screen,” double-click on it and set it to “Enabled” to disable the lock screen (that’s right, “Enabled” to disable it).

Apply the settings you made and restart your computer. Now the lock screen will not be displayed, you will immediately see the login screen. When you press the Win+L keys or select “Lock” from the Start menu, it will also not turn on the lock screen, but will open the login window.

If the Local Group Policy Editor is not available on your version of Windows 10, use the following method:

1. Press the Win+R keys, type regedit and press Enter - the registry editor will open.
2. In the registry editor, go to the HLEY_LOCAL_MACHINE\ SOFTWARE\ Policies\ Microsoft\ Windows\ Personalization section (if there is no Personalization subsection, create it by right-clicking on the “Windows” section and selecting the appropriate context menu item).
3. On the right side of the Registry Editor, right-click and select New - DWORD Value (including for 64-bit systems) and name the value NoLockScreen.
4. Double-click on the NoLockScreen option and set its value to 1.

When finished, restart your computer - the lock screen will be disabled.

If you wish, you can also disable the background image on the login screen: to do this, go to settings - personalization (or right-click on the desktop - personalization) and in the "Lock screen" section, turn off the item "Show lock screen background on the login screen" "

Another way to disable Windows 10 lock screen using Registry Editor

One way to disable the lock screen provided in Windows 10 is to change the value of the AllowLockScreen parameter to 0 (zero) in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData section of the Windows 10 registry.

However, if you do this manually, the next time you log in, the value of the setting is automatically changed to 1 and the lock screen turns on again.

There is a way around this like this

1. Launch the task scheduler (use the search in the taskbar) and click “Create a task” on the right, give it any name, for example, “Disable the lock screen”, oh, in the “Configure for” field, specify Windows 10.
2. On the Triggers tab, create two triggers - when any user logs in and when any user unlocks the workstation.
3. On the “Actions” tab, create the “Run a program” action, in the “Program or script” field, enter reg and in the “Add arguments” field, copy the following line

Using Registry Editor in Safe Mode

But let's assume that this had no effect. Again we see a situation where Windows is blocked by a virus application. What to do in this case?

First, you should boot into safe mode with command line support, and then call the registry editor through the console (regedit command). Now comes the most important part.

First of all, you need to find the Shell and Userinit keys in the HKLM branch, which are located in the Winlogon directory. For the first entry (without options), the value explorer.exe must be specified, and for the second, the full path to the executable file userinit.exe, which is located in the System32 system folder of the Windows root directory in the system partition (usually on drive C).

After that, you should check the similar section in the HKCU branch. Here in the same directory the above keys should not exist at all. If they are present, they must be removed. Then, to be sure, you need to check the Run and RunOnce directories in the HKLM and HKCU branches. In these sections you need to get rid of all suspicious entries in which the current values ​​are set to links to executable EXE files, the names of which consist of a meaningless set of characters (if for some reason you doubt whether to delete a certain key, just go to editing parameters by double-clicking and setting the value to one - this will allow you to disable the execution of the application, and if necessary, the value can be returned to its previous state after eliminating the main problems with the operating system itself, but after it has been restarted in working order).

Windows system is locked! How to solve a problem?

Is this the first time you have encountered such a problem as windows screen locking? Probably many have already encountered it (including me). I suggest looking at the classification of Windows system locks and how to eliminate them.

Before you start reading about locking the windows screen, I recommend that you read the following articles:

Installing windows on a computer

Why is Windows slow?

Types of computer screen lock

Type 1 are banners or porn informers that appear only in the browser window. The most easily removed type. They usually pretend to be additional plugins or browser add-ons. It usually looks like this.

Type 2 are banners that remain on the desktop after closing the browser and at the same time cover most of it. But users usually still have the option to open other programs, including Task Manager and Registry Editor.

Type 3 is a type of banners that loads after the Windows desktop is fully loaded. They close almost the entire desktop, block the launch of the task manager, the registry editor, and boot into safe mode. Some varieties completely block the keyboard, providing the user with only the number keys from their “interface” and a working mouse for entering code.

Type 4 is a type of banners that loads before the Windows desktop boots, replacing the explorer.exe file.

Type 5 is the so-called MBR.locker, which makes changes to the Master Boot Record of the hard drive and, accordingly, blocks normal loading of the OS.

How to remove Windows screen lock

What to do if infected with Trojan.Winlock

Do not comply with the demands of attackers under any circumstances . Know that the SMS you send will not cost as much as it is written, but much more, and besides, the system will not be unblocked for you. Tested and proven.

If possible, use online services for selecting an unlock code on the websites of antivirus software manufacturers (Dr.Web, Kaspersky Lab).

Perform a full scan of the computer with an anti-virus utility with the latest updates to the anti-virus database (for example, the “one-time” anti-virus Dr.WebCureIt or KasperskyVirusRemovalTool; it is advisable to download it from a “healthy” computer, even if the system is successfully unlocked by selecting a code). Open Task Manager (if possible). View suspicious processes. Try to end the process. Of course, in most cases the process is rebooted, but now you know which program is blocking, so you can remove it without any problems.

If a virus blocks access to certain Internet resources (usually popular social networks and sites with anti-virus software), you need to remove unnecessary entries (except for the line “127.0.0.1 localhost”) from the file C:\WINDOWS\System32\drivers\etc\hosts and clear the DNS cache (using the ipconfig /flushdns command as an administrator), and also clear cookies and cache in the browser.

If the virus completely blocks the Windows screen, you can try booting using a LiveCD and fixing the problem.

If the Trojan blocks normal safe mode, then when you press the F8 key, you must select safe mode with command line support. At this point in time, most winlockers are not able to block it. After downloading, you need to launch the registry editor using the regedit command and look for suspicious entries there. First of all, you need to check the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon branch, in particular, explorer.exe should be written in the Shell parameter, and C:\WINDOWS\System32\userinit.exe in the Userinit parameter, (necessarily with comma). If everything is in order there, you need to check the same path, but in the HKEY_LOCAL_USER branch. It is also advisable to check the branches in which startup programs are registered, for example HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. If suspicious entries are detected, they must be replaced with standard values ​​(in the case of autoload, deleted). After rebooting and logging in, the Trojan can be removed manually using an already known path. This method, although effective, is only suitable for experienced users.

In addition, some Trojans replace one of the files userinit.exe, winlogon.exe and explorer.exe in the corresponding directories. It is recommended to restore them from the distribution kit or the C:\WINDOWS\System32\DLLCACHE directory.

Locking the Windows screen can happen from a Trojan that creates a section HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\userinit.exe, where it registers a call to its executable file (most often debug.exe), and to resume system operation this section must be deleted.

Sometimes, if the system is completely locked, you can use “Hot Keys”

Ctrl+Shift+Esc Open Task Manager

Ctrl+Alt+Dell Open Task Manager

Ctrl+Esc Activate Start button

Win+D Minimize all windows (if it works, the Winlock window will not interfere)

Win+M Minimize all windows

Win+R Open the Run window

Alt+F4 Close active application (program)

Personally, I encountered this virus 2 times, and the virus was type 5. It was easier for me to reinstall the windows operating system. Also, I came across a Windows screen lock caused by downloading an update from a dubious site.

I advise you to watch a good video on unlocking windows

Also, I advise you to read an interesting article about centralized windows screen locking

Disk Cleanup

The next step if your Windows drive is locked is to clean it up. To do this, the same command line is used, but the abbreviation cleanmgr is written in it. In the window that appears, you need to check the boxes on all the lines that are present in the list, with the exception of the item for deleting backup files.

After editing the registry and the cleaning procedure, you can restart the computer and see how the boot will proceed. If for some reason starting is impossible again, enter explorer.exe in the command console, go to the Users folder, in your directory go to the AppData folder and in subdirectories delete files with the names that you got rid of in the registry.

If, when performing the specified actions with the registry and system partition, it is not possible to call the command line via start in safe mode, you will have to boot from removable media (installation or recovery disk/flash drive) and then perform similar procedures. The command console in this case can be activated in the fastest way through the combination Shift + F10.

Cleaning the registry from traces of the banner

If you have reached this point and previous attempts were in vain, then this method should help you unblock the ransomware virus by 98%.

I would like to note that all the actions listed below must be carried out extremely carefully and strictly according to the instructions. By editing registry keys, incorrect actions can cause irreparable harm to the system and all that remains is to reinstall Windows.

So, let’s start the system in safe mode; how to do this is described above. We wait for the download and launch the “Run” option in the field of the window that opens, enter the regedit command. After entering the command, a Registry Editor window will open in front of you.

Then navigate to the following path HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

In the right column you will be able to see two parameters Shell and Userinit. Opposite these parameters there is a value column. There should not be anything superfluous in these columns (opposite the Shell parameter there should be the value explorer.exe, opposite Userinit the value userinit.exe). If there are additional values ​​there, then this is the result of a virus and you can safely delete everything.

Also, to ease your conscience, I advise you to go to the following address in the registry settings.....\Microsoft\Windows\CurrentVersion\Run and check if there are any unnecessary and unfamiliar programs in the right field of the window; if any are found, then delete them.

Reboot the computer and rejoice that the virus has disappeared.

I am almost one hundred percent sure that if everything is done correctly, the banner blocking the launch of Windows will disappear. But just in case, I’ll give you another way to remove ransomware. Of course, it is not as serious as the others, but sometimes it is no less effective.

AntiWinLocker application

But what should you do if even after this it turns out that your Windows computer is blocked by a viral application? This is where specialized utilities will come to the rescue. One of the most interesting is the described boot program, which allows you to start by being recorded on an optical or USB drive.

After starting the program, you must accept the license agreement and select automatic launch. Next, this tool will perform a full scan of the computer system and indicate where exactly the viruses are located. You can delete them immediately or leave such actions for later, but after the restart you will additionally need to launch some kind of anti-virus scanner. In theory, the system should boot in normal mode.

Kaspersky Rescue Disk utility

If the previous solution did not help, and again it turns out that your Windows computer is locked, you can use the equally effective Kaspersky Rescue Disk utility, which also starts from removable media.

After launching the utility, you first need to select the language and preferred interface (graphical is best). After this, you can either scan for viruses or go directly to unlocking the system. For the first option, all disks and partitions are marked, after which the scanning process starts.

For the second option, use the terminal line, called through the main menu button (like “Start” in Windows), and enter the line windowsunlocker in the console that appears. After this, a black window similar to a command console will appear, where three options will be offered. To instantly unlock, enter one, after which all you have to do is wait for the process to complete. However, even if an immediate scan is carried out and a virus is detected and it is removed or neutralized, starting the operating system will be possible. By the way, this particular program allows you to detect and eliminate almost all known threats, so its use in case of deep infection is as effective as possible.

AVZ program

Now there is another situation in which it turns out that Windows is blocked. The AVZ program or some kind of portable scanner can be used, so to speak, for a test shot - checking the system and/or restoring it and eliminating detected problems.

The application starts when the system starts from removable media or in safe mode, after which the recovery option is selected from the file menu. Mark everything you need and click the button to perform the selected actions. But it’s too early to rejoice. Next, you need to go to the built-in “Troubleshoot Wizard”, select system problems and the “All” item, mark all the lines and perform the necessary steps to scan and fix the faults found. After this, you need to use the browser settings and tweaks section in the same way, and then through the service menu go to the Explorer extensions editor, where you uncheck all the items marked in black. Next, through the same service menu, you need to go to the Internet Explorer extension manager and delete all the lines that appear in the settings window.

When your Windows computer is locked, running this application in Safe Mode may not work. If you want to use this particular option for starting the utility, you can use the system boot menu (F8) and select to first launch the recovery tool, and then use the command line, from which you need to launch standard Notepad by entering the notepad command. In this program, you should open the AVZ.exe file, selecting “All” in the file type, and run the antivirus executable file through RMB with the selection of the line “Open” and not “Select”, since using the second item will only lead to a text representation of the compiled file will be shown, rather than starting it as an executable applet.

Disabling the lock screen

If you have a password set in your operating system, then so that when you turn on the computer or after exiting sleep mode, Windows 7 does not constantly ask you for a password, you need to do the following:

1. Start again .
2. Go to the “ Control Panel ” section, which is located in the right column.
3. In the window that appears, find the name of the “ System and Security ” section and click on it.
4. In the next window, select the “ Power Options ” category.
5. In the window that appears, in the left column, select the section called “ Request password on wakeup ”. (You can get here in a simpler way: enter the phrase “password request” in the Control Panel search bar, press Enter, and then select the desired item from the list).
6. Place a checkmark next to the phrase: “ Do not ask for a password ,” and then click save changes.

Now you won't be locked out of Windows and prompted to enter a password when you wake up from sleep mode.

What to do if nothing helps?

As is already clear, viruses can block access to Windows quite simply. Typically, such situations are associated with outdated versions of XP, but it is far from a fact that later modifications cannot be subject to such effects.

However, returning to the main question, we can assume that none of the above solutions gave a positive result. What to do in such a situation? Here, as a last option, you can suggest removing the hard drive with the infected system, connecting it to an uninfected computer terminal and checking it for viruses using a portable antivirus launched from the computer to which your hard drive is connected. What to use? In principle, utilities like Dr. are a good idea. Web CureIt or KVRT from Kaspersky Lab. True, it will not be possible to mark the boot or hidden areas of the connected HDD in them, however, it is possible to use such a solution as a last option (of course, provided that no other measures help).

How to unlock Windows. Ransomware virus

Most computer users do not pay enough attention to security issues. Some of them simply do not suspect what dangers may lie in wait for them, others understand everything, but do not have the opportunity to correct the situation.

To combat all kinds of network attacks and viruses, firewalls, firewalls and anti-virus programs successfully function. But all of them are not able to guarantee 100% security, and there is no point in talking about free versions at all. Therefore, many users are faced with the problem of their computer being locked.

This usually happens after rebooting the computer. The reason is a common virus that entered the PC during the last user session.

Ransomware virus. What kind of animal?

The essence of how the virus works is very simple – it is introduced into the boot area to block actions. If most of these pests are simply designed to infect files or collect confidential information, then the ransomware virus is aimed at making a profit due to the careless actions of some users. The lock screen standardly offers to transfer a certain amount of money to a mobile phone, e-wallet or bank card. After this, the blocking should be lifted, but in reality everything turns out to be wrong.

If the virus has already entered the computer, then it can only be removed using specialized programs. Even after entering the correct code and starting the system, the result will be unpredictable. The next time you reboot, the screen will appear again and a new key will be required.

Treatment methods

There are several ways to unlock Windows: Using the database of screenshots from the official Dr. website. Web (https://www.drweb.com/unlocker). To do this, you need a working PC or gadget with an Internet connection. Using the comparison method, you need to identify the virus and enter the corresponding name in the screen lock input field. Boot in safe mode. This startup option prevents many processes and services from running that would normally start.

Next, you can run an antivirus program, check startup, remove suspicious applications that could introduce a virus and cause blocking. Using BIOS tools (UEFI). One option is to reset the time settings. If it doesn’t help, then you can use the built-in recovery tools that are present in modern BIOS. These are primary actions, the effectiveness of which is not so great.

To achieve a high probability of ridding your computer of the ransomware virus and removing the lock, you will need to perform more labor-intensive processes: Creating a bootable drive. The Internet is full of free assemblies that contain all the necessary tools to create a powerful diagnostic system. Following the instructions, you need to create a disk or flash drive containing antivirus programs and system recovery tools. You can create the required USB drive yourself.

You will need to manually enter code to create a menu and download your own set of software.

You can use a desktop PC with an antivirus program installed or Internet access. To do this, you will need to disconnect the infected machine from power, remove the hard drive and connect it to the backup computer. Now just run a scan with your antivirus program. If you don’t want to install it on your computer, you can use the Dr. utility. Web Cureit for a one-time check.

Instead of a total

That, in fact, is all that concerns the occurrence of problems when the system or some of its functions are blocked. If the operating system starts, you can immediately conclude that the bans are imposed due to lack of activation or represent security measures on the part of the system itself or the computer administrator. But in the case of messages appearing in the form of banners, this is a clear sign of viral influence.

As for eliminating problems and bringing the system into a normal working state, it is best to use KMSAuto Net for activation (the program is portable and does not require installation); to eliminate problems with prohibitions from the OS itself, disabling UAC control or granting yourself extended rights to change the system configuration or access to blocked programs. Well, in this case it can be impossible to fight viruses without utilities that start even before the main Windows modules are loaded.

Yes, and here's another thing. Even if the operating system starts in safe mode, under no circumstances is it recommended to use supposedly anti-virus programs like SpyHunter, since threats may be detected and will be, but it will be impossible to remove them or neutralize them without purchasing the main application. In addition, then getting rid of anti-virus applets of this type will be much more difficult than removing threats detected by other applications, for example, programs from Kaspersky Lab. So, if you are asked to download and install such utilities, it is better, as they say, not to take risks.

The computer is blocked by a virus. How to unlock your computer

The computer is blocked by a virus. How to unlock your computer

The computer is blocked by a virus.

How to unlock a computer.

One day you turn on the computer, and after loading the OS you see a banner that covers most of the screen and says that for one reason or another the computer has been blocked, and in order to remove the blocking, you need to send an SMS to some short number. At the same time, this banner does not move anywhere and does not allow any application to be launched.

First of all, you don’t need to send anything anywhere. The problem of blocking a computer can be solved, although not in a couple of minutes. All that happened was that your computer was picked up by a Trojan belonging to the Winlock family on some suspicious site. In general, they are not viruses in their pure form, but they cause quite a lot of trouble. Their popularity is understandable - the creators receive quite a decent income.

Most often, they penetrate the PC through unprotected ports, holes in the OS itself, and when running any unverified utilities, such as those that upload images to a VKontakte account. Such programs work on the same principle: blocking the entire computer or browser, and offering to send an SMS to a short number to receive an unlock code. Moreover, comments can be very different: from the need to urgently activate Windows to gaining access to Adult resources.

Appetites are also different. From 10 to 1000 rubles. SMS should not be sent in any case. Firstly, they will withdraw not 10 or 100 rubles from your account, but much more, and secondly, there is no guarantee that you will receive the code you need in return. And if you receive it, do not consider that you are insured against the reappearance of the same virus and the next blocking of your computer in a few days. source

In this article we will show you step by step how to deal with viruses that completely block the operation of your computer.

Using code generators

This is the most effective and easiest way to unlock your computer. The service is provided free of charge on their resources by all companies involved in the development of anti-virus software (Dr. WEB, ESET, Kaspersky Lab). You just need to enter the short number required by the Trojan into the code generator field. The generator from Doctor WEB has the widest capabilities - it can even select a code based on the appearance of the blocking banner.

There is only one drawback here - most likely it will not be possible to access the network from a locked computer - the browser will not start or we simply will not see it. You can try playing with the keyboard shortcuts: Win+E, Win+F, Win+R, Win+U. If it doesn’t help, and there is no computer connected to the Internet nearby, then proceed to the following steps.

Starting your computer in Safe Mode

In order to boot the computer in Safe-Mode mode, you must hold the F8 function key for 3-5 seconds at startup, and then select the “Safe Mode” startup option in the menu that appears. However, if you managed to “catch” a very well-thought-out Trojan on the network, which deletes part of the system registry responsible for safe mode, this action may not work.

So, safe mode has been launched and now we can open the browser and use the code generators already described. If the codes do not work or there are problems with your Internet connection, then proceed to the next step.

Open “Start/Run” and in the command line window that appears, enter the command “msconfig”. In the window that opens, look for the “Startup” tab and delete all items that cause suspicion (xodecc.exe, plugin.exe, winloker servis.exe, servikes.exe, synsql.exe, onlain servis.exe, exxplore.exe). When deleting, look carefully at the “Command” field; it shows which application the component being removed belongs to. So you can delete something you need.

In safe mode, there is another option - rollback to a previously made Windows restore point. But this will have an effect only in one case, if the “backup” has not been disabled and the existing points are not damaged by the virus.

From my extensive experience, I can say that this operation helps only in very rare cases. For five years now I have been using one unique program, Rollback RX, which allowed me to forget about Trojans and all other viruses. The essence of its work is that it continuously monitors the state of the OS system files and periodically takes pictures of them. You can roll back to the desired one both while Windows is loaded and before it starts loading. With proper program settings, it is possible to remove a lock from any computer in literally five minutes. You just need to note that this program is intended for “lazy” and advanced users.

But let's continue. If even when loading in safe mode the blocking banner does not disappear, then the “Task Manager” can help (called by simultaneously pressing Ctrl+Alt+Del). In safe mode, as a rule, the dispatcher is not blocked and is available. It is there that you can successively remove suspicious tasks and try to get rid of the blocking.

Loading from Live CD from Doctor WEB

This disk allows you to remove the lock from your computer and restore the machine’s functionality when, due to the active work of viruses, starting from the native HDD is not possible. The disk includes Linux OS, a file manager, a browser and an anti-virus scanner - everything you need to treat your PC.

The distribution can be freely downloaded from the official Doctor WEB resource, then copied to disk and the computer started from it. There, on the website, it is described in detail how to do this correctly.

It was possible to remove the lock from the computer. What's next?

It's too early to calm down. It is necessary to completely clean the system of any traces of the Trojan. This is done using free scanners from Doctor WEB (Cure IT) or from Kaspersky Lab (Virus Removal). If the damage is strong enough, then you can additionally use AVZ software (searches for and removes viruses, and also treats the consequences of their activity).

Finally. It makes sense to complain about scammers to the company that provided this short number. These companies do not encourage fraudulent activities using their numbers. One last thing: print out this article on how to unlock your computer so that you always have it handy, not in your locked computer.