Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: UKASH Virus .....again :(

31 Mar 2013   #11
keebsuk

Windows 7 Home Premium 64bit
 
 

Darren,

sorry to hear of your problems, I hope you can get it sorted.

Would you mind telling me how you picked up this virus, it's just to satisfy my curiosity.

Andy


My System SpecsSystem Spec
.
31 Mar 2013   #12
IoNGeNeRaL

Windows 10 Pro x64 (UPGRADED - 10/20/2016)
 
 

Not to be a pest or pain, but I too would like to know any information as to how you picked this one up? o.O
My System SpecsSystem Spec
31 Mar 2013   #13
Britton30
Microsoft MVP

Windows 7 Ultimate X64 SP1
 
 

Try this suggestion from Jacee:
ADWcleaner
My System SpecsSystem Spec
.

31 Mar 2013   #14
cottonball

Windows 7 Home Premium
 
 

AdwCleaner is a good program, and is used to remove malware remnants if the system is not locked by the ransomware. I am sure our Jacee's (whom I have known and worked with for years) recommendation was in this type of scenario.

In darrenj1471's predicament, with the computer locked by the ransomware, it is another story.

There are some bootable CDs used to remove the locked ransomware.
Some that come to mind are:

HitmanPro.Kickstart
Kaspersky WindowsUnlocker
Dr.Web® LiveCD

Have personally experienced success with HitmanPro.Kickstart, however, have not tried the Kaspersky's bootable CD above. HitmanPro.Kickstart marketing has focused on ransomware removal.

There are also other methods such as going into Safe Mode with Networking, and launching MSConfig, but sometimes the ransomware takes over in Safe Mode also.

These infections are sometimes a bear to get rid of.


From Wiki-Security: Method of Infection

Quote:
There are many ways your computer could get infected with Ukash Virus. Ukash Virus can come bundled with shareware or other downloadable software.

Another method of distributing Ukash Virus involves tricking you by displaying deceptive pop-up ads that may appear as regular Windows notifications with links which look like buttons reading Yes and No. No matter which "button" that you click on, a download starts, installing Ukash Virus on your system.

Ukash Virus installs on your computer through a trojan and may infect your system without your knowledge or consent.
Have also seen reported where an email with certain content has gotten some Users infected.
My System SpecsSystem Spec
31 Mar 2013   #15
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

We could go through the registry if you would like
My System SpecsSystem Spec
31 Mar 2013   #16
cottonball

Windows 7 Home Premium
 
 

If the computer is locked, it won't be thru Start > Run, type in: regedit
My System SpecsSystem Spec
31 Mar 2013   #17
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Yes I kno it will be from the installation DVD
My System SpecsSystem Spec
27 May 2013   #18
darrenj1471

windows 7 64 bit
 
 

Errr I have it AGAIN, and I followed your advice again ie went and got another copy of Hitman Pro kickstart and booted pc from USB device but this time my infected pc says 'Your Licence for Hitman Pro has expired' ???? and wont let me remove malware found ?? Please help

As for how Im contracting it , I dont fully know but suspect its from a site which streams sports events
My System SpecsSystem Spec
27 May 2013   #19
cottonball

Windows 7 Home Premium
 
 

What AntiVirus program are you using? Is it not picking up this infection when you go to its source?

Three times infected with the same thing is not good.


Please go to the Farbar Recovery Scan Tool Download page.
Select the 64-bit download.
Save the program to a USB pendrive, or an external hard drive.

Next, plug the drive into the problem computer.



>>>Restart
  • As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Boot Options menu appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select your language settings, and click: Next
  • Select your User account and click: OK (If you did not set a password, leave blank.)
On the System Recovery Options menu you get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Scan your computer's memory for errors.
  • Command Prompt
Select Command Prompt
  • In the Command window, at the bliking cursor type notepad and press: Enter
  • In Notepad, under the File menu select: Open
  • Double-click Computer, find the flash drive letter, remember what letter it is, click on it, and press: Open
  • Close out of Notepad.
  • Click the Command Prompt window
  • Type g:\frst64.exe, and press: Enter
    Note: Replace the drive letter g with the drive letter of your flash drive!
  • The tool starts and prepares to run. Follow the prompts.
  • Click Yes to the disclaimer.
  • Press: Scan
When done scanning, the program saves a FRST.txt report on the flash drive.


Close Notepad, then, click the Command prompt window, and type exit, and press: Enter
Remove the USB drive.
Back at the System Recovery Options, press: Shutdown


Please provide the FRST.txt in your reply.
It is located in the USB drive.

Note: If you have any older copy of FRST on the external drive, please remove it, as this program is updated very frequently. You need the newest version.
My System SpecsSystem Spec
27 May 2013   #20
darrenj1471

windows 7 64 bit
 
 

Ok think ive followed the steps and attached is the txt file output

Look forward to next steps

Im using AVG fyi


Attached Files
File Type: txt FRST.txt (30.4 KB, 13 views)
My System SpecsSystem Spec
Reply

 UKASH Virus .....again :(




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
explorer will not start after having ukash virus
last week i got the ukash virus. i did a restore point, ran several malware detection progams and have got rid of the virus but now explorer will not start flashes white then disappears. i think the problem is some files were corrupted. this is the missing files how do i find then and reinstall...
System Security
Help with the Ukash Virus Please
Hi. My laptop has recently gotten the Ukash Virus. It won’t let me start the laptop in any version of Safe Mode (either With Networking or With Command Prompt). By reading some of the other posts on this site I think I need to download something called Windows Defender Offline? Is this right?...
System Security
HELP > ukash virus :(
:cry: Followed the instructions from this thread http://www.sevenforums.com/system-security/249497-ukash-virus-simply-wont-go-away-help-pleeeaase.html Need a little help Please and thanks
System Security
Ukash virus simply won't go away - help pleeeaase
Hello Firstly , I am new here so if I'm in wrong area or miss some etiquette I whole heartedly apologise up front but I'm panicking and need help. I have a windows 7 64 bit Samsung laptop which has contracted The ukash virus and I'm having to type this from my phone. I have watched many vids...
System Security
I need help removing Ukash virus please!
Im fixing a laptop here that is infected by the Ukash virus. After some research there seems to be a few different versions. They all do the same thing tho. They lock your computer and show a screen sayin your PC has been locked because you where on some illegal websites. They give you a link...
System Security
UKASH virus
Hi all, I have downloaded defender to a usb stick, problem is it wont boot from the stick. I have the UKASH virus and can't even get into safe mode it just throws me out. If my machine is not formatted to boot from usb and I can't get in to change it what options do I have. Is there a way of...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 05:39.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App