Ransomware virus heads up

Discussion in 'General Software' started by pantherx12, Dec 19, 2011.

  1. pantherx12

    pantherx12 New Member

    Joined:
    Jan 2, 2009
    Messages:
    9,714 (4.65/day)
    Thanks Received:
    1,699
    Location:
    ENGLAND-LAND-LAND
    Just spent the last two hours getting rid of the "Strathclyde Police UKASH virus".
    Now this thing shot straight past my antivirus software, it's definitely a fucker!

    Basically you get a full-screen message saying you've been watching violent images/child porn/other illegal business (in my case it told me I had been sending out messages linked with terrorism :laugh:)

    And it will ask you to send money via UKASH in order to unlock your PC.

    Now this is a well-documented virus; however, the version of it I got seemed to be an upgrade and had disabled an awful lot of stuff that I would usually be able to use to quell a virus attack.

    (The main one being it disables Task Manager as soon as it gets on your system.)

    I had to follow instructions from various places; this one was the most useful and will fix the problem for most people: http://deletemalware.blogspot.com/2011/06/remove-metropolitan-police-ransomware.html

    Whilst you're in safe mode, be sure to boot up your virus scanner and let it do a full scan before you reboot back into regular Windows.

    You may have to re-enable Task Manager via regedit.

    It can do quite a bit of damage to the registry; you may have to clear it up manually afterwards.
     
    Last edited: Dec 20, 2011
    travva, Mussels, scaminatrix and 3 others say thanks.
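
Added example, not part of the original post: a PowerShell check for the Task Manager lockout described above, assuming it was set through the standard Windows policy values `DisableTaskMgr` and `DisableRegistryTools` under `Policies\System`. The script only reports unless run with `-Fix`; that switch name is this example's own.

```powershell
# Added example: audit (and optionally clear) the policy values that lock out
# Task Manager and Registry Editor. Run elevated to be able to change HKLM.
param(
    [switch]$Fix   # hypothetical switch for this example; without it, report only
)

$policyKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
)
$valueNames = @('DisableTaskMgr', 'DisableRegistryTools')

# Collect every lockout value that exists and is non-zero.
$findings = foreach ($key in $policyKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($name in $valueNames) {
        $prop = $props.PSObject.Properties[$name]
        if ($null -ne $prop -and $prop.Value -ne 0) {
            [pscustomobject]@{ Key = $key; Name = $name; Value = $prop.Value }
        }
    }
}

if (-not $findings) {
    Write-Output 'No Task Manager / Registry Editor lockout values are set.'
    return
}

$findings | Format-Table -AutoSize | Out-String | Write-Output

if ($Fix) {
    foreach ($f in $findings) {
        # Deleting the value restores the default (tool enabled).
        Remove-ItemProperty -Path $f.Key -Name $f.Name -ErrorAction Stop
        Write-Output "Removed $($f.Name) from $($f.Key)"
    }
} else {
    Write-Output 'Re-run with -Fix to remove the values listed above.'
}
```

If a value reappears after removal, something is still writing it: either a managed policy on the machine or malware that has not been fully cleaned.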
  2. 95Viper

    95Viper

    Joined:
    Oct 12, 2008
    Messages:
    4,375 (2.02/day)
    Thanks Received:
    1,582
    Location:
    στο άλφα έως ωμέγα
    You sound worse than the virus/malware! Just joking.:laugh::roll::laugh:

    Thanks for the heads up.
    Do you remember what site hit you with the bugger?
    Or what software, etc.?
     
  3. stinger608

    stinger608 Dedicated TPU Cruncher & Folder

    Joined:
    Nov 11, 2008
    Messages:
    7,150 (3.34/day)
    Thanks Received:
    3,557
    Location:
    Wyoming
    Did you also try ComboFix?
     
    Crunching for Team TPU More than 25k PPD
  4. Radical_Edward

    Radical_Edward

    Joined:
    Jan 24, 2010
    Messages:
    3,587 (2.11/day)
    Thanks Received:
    1,927
    Location:
    Oregon, USA
    Jesus, that sounds like a nasty one.
     
    Crunching for Team TPU
  5. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    21,007 (7.87/day)
    Thanks Received:
    7,556
    Any idea where you scored this bastard so we can avoid it?
     
  6. pantherx12

    pantherx12 New Member

    Joined:
    Jan 2, 2009
    Messages:
    9,714 (4.65/day)
    Thanks Received:
    1,699
    Location:
    ENGLAND-LAND-LAND
    Some streaming porn site :laugh:

    I believe one of the top results for "hardcore streaming" in Google :laugh: :toast:


    So protip : stick to familiar websites XD


    I think it's safe to say as usual it got in via Java though : /


    Naw. Just to be on the safe side I stopped all services/startup programs from launching as well; meant I couldn't connect to the internet to download anything.
     
    Last edited: Dec 19, 2011
  7. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    21,007 (7.87/day)
    Thanks Received:
    7,556
    I hate Java. I mean every virus I have ever gotten has been via Java.
     
    pantherx12 says thanks.
  8. Jetster

    Jetster

    Joined:
    Jan 17, 2010
    Messages:
    4,983 (2.91/day)
    Thanks Received:
    2,016
    Location:
    Oregon
    Maybe you better send them the money:cool: not
     
  9. Frick

    Frick Fishfaced Nincompoop

    Joined:
    Feb 27, 2006
    Messages:
    10,625 (3.39/day)
    Thanks Received:
    2,239
    Wasn't there a virus like this some years ago? I think I read about it in a computer magazine..
     
  10. NinkobEi

    NinkobEi

    Joined:
    Nov 27, 2006
    Messages:
    2,045 (0.72/day)
    Thanks Received:
    340
    Man, the last one I had invaded Safe Mode. Couldn't even load up a web browser in safe mode to see how the hell to fix it. Ended up doing a system rollback and then loading safe mode with Malwarebytes. Moral of the story: don't leave internet browsers open while you are at work/asleep.
     
  11. erocker

    erocker Super Moderator Staff Member

    Joined:
    Jul 19, 2006
    Messages:
    39,671 (13.28/day)
    Thanks Received:
    14,066
    Bummer. With all of the STDs around and being vigilant to practice safe sex it doesn't even matter. We get viruses from fapping now. The future sucks.
     
    pantherx12 and NinkobEi say thanks.
  12. LAN_deRf_HA

    LAN_deRf_HA

    Joined:
    Apr 4, 2008
    Messages:
    4,543 (1.92/day)
    Thanks Received:
    939
    What browser? If you're on Firefox and running Adblock, remember to use Fanboy's list. EasyList doesn't believe in blocking porn site ads, like they're punishing you for being a deviant or something haha
     
  13. pantherx12

    pantherx12 New Member

    Joined:
    Jan 2, 2009
    Messages:
    9,714 (4.65/day)
    Thanks Received:
    1,699
    Location:
    ENGLAND-LAND-LAND
    On Firefox, I just didn't reinstall my add-ons last time I reinstalled Windows.

    Got NoScript and ad block installed again, and I'll never let them leave my side again.

    This one left unchecked can compromise safe mode and even disable boot from disc D:
     
  14. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    21,007 (7.87/day)
    Thanks Received:
    7,556
    I have Adblock for IE but cannot find a NoScript equivalent yet.
     
  15. Completely Bonkers New Member

    Joined:
    Feb 6, 2007
    Messages:
    2,580 (0.93/day)
    Thanks Received:
    516
    Anyone know how I can LOCK DOWN JAVA? Is there a way to sandbox that biatch?
     
  16. Lazzer408

    Lazzer408

    Joined:
    Jan 6, 2007
    Messages:
    2,547 (0.90/day)
    Thanks Received:
    338
    Location:
    Illinois
    [rant]

    It pisses me off to no extent how Microsoft enabled things like this to get into the computer in the first place. WHY is the ability to disable Task Manager even in the reg to begin with? Or the group policy editor? Or the registry itself? Why do we even need a reg? Remember when every application kept its own settings in its own ini or cfg file located in its own folder? Why did MS feel the need to "stuff everyone's eggs in one basket"? Here's another fuckup from MS... If you introduce a new 64bit OS then the program files folder should be "program files (x64)" but instead they "break" every 32bit application designed to install to c:\program files by changing its name to c:\program files (x86). And how about these "application data" folders? Shouldn't an application's data be stored in the folder for the application such as "c:\program files\put_your_own_shit_here"?

    Are they really THAT stupid over there at MS or are they doing this on purpose? I can only imagine how much money is made, by both techs and criminals, over such an obvious flaw in design. What's their kick-back? It's usually more profitable to make a better product and I'm sure they are well aware of the problems. They must be making more money leaving these issues than fixing them. Who's filling their pockets? If this conspiracy is false, then they really are that stupid.

    As far as why taskman-disable (gpedit) is there in the first place... It's so retailers can keep someone from screwing up the demo computers on display. Or to keep someone from screwing up their workstation. Or to keep someone from screwing up the Kodak kiosk at Walmart. What MS should have done was make a "Kiosk Edition" of Windows that could be locked down. Instead, what have they done? They taped a slimjim to every car door, placed a hammer at every window of your home, taped a bomb to your children and left detonators scattered around the mall. In other words, they gave every criminal the tools to destroy your computer and called it "features".

    [/rant]
     
  17. Completely Bonkers New Member

    Joined:
    Feb 6, 2007
    Messages:
    2,580 (0.93/day)
    Thanks Received:
    516
    [​IMG]
     
  18. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    21,007 (7.87/day)
    Thanks Received:
    7,556
    Or just not look at porn.
     
  19. trickson

    trickson OH, I have such a headache

    Joined:
    Dec 5, 2004
    Messages:
    6,494 (1.81/day)
    Thanks Received:
    956
    Location:
    Planet Earth.
    Where are you people getting all these viruses from? I mean it has been years since I have even seen a virus on my computer! I think I got one one time and that was it. STOP LOOKING AT GAY PORN!
     
  20. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    21,007 (7.87/day)
    Thanks Received:
    7,556
    Porn and warez.

    The only time I have been hit is via Java and I can honestly say it's always been looking for image reference for my work. I've never been hit looking at the naked ladies.
     
  21. trickson

    trickson OH, I have such a headache

    Joined:
    Dec 5, 2004
    Messages:
    6,494 (1.81/day)
    Thanks Received:
    956
    Location:
    Planet Earth.
    Well I have never had a Java virus. I just do not get it. Years of having Java, NOT once infected. And what kind of images are you looking up? I mean yeah things like this happen but man the amount of them seems to be climbing!
     
  22. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    21,007 (7.87/day)
    Thanks Received:
    7,556
    What do you use for a scanner? Because honestly your system may have been compromised years ago and you don't even know it.
     
  23. trickson

    trickson OH, I have such a headache

    Joined:
    Dec 5, 2004
    Messages:
    6,494 (1.81/day)
    Thanks Received:
    956
    Location:
    Planet Earth.
    I use MSE, that is all.
     
  24. pantherx12

    pantherx12 New Member

    Joined:
    Jan 2, 2009
    Messages:
    9,714 (4.65/day)
    Thanks Received:
    1,699
    Location:
    ENGLAND-LAND-LAND
    Well apparently I got it from a video of a lady and her friends playing doctor, she had a lot of friends :laugh:

    It's been ages since I've had a virus as well.


    Last time I had one I owned a dell :laugh:
     
  25. TheMailMan78

    TheMailMan78 Big Member

    Joined:
    Jun 3, 2007
    Messages:
    21,007 (7.87/day)
    Thanks Received:
    7,556
    That's a start but MSE alone is not enough. Protection is like the layers of an onion. I've caught infections three out of four scanners missed. MSE included.
     