New
#11
Darren,
sorry to hear of your problems, I hope you can get it sorted.
Would you mind telling me how you picked up this virus, it's just to satisfy my curiosity.
Andy
Darren,
sorry to hear of your problems, I hope you can get it sorted.
Would you mind telling me how you picked up this virus, it's just to satisfy my curiosity.
Andy
Not to be a pest or pain, but I too would like to know any information as to how you picked this one up? o.O
AdwCleaner is a good program, and is used to remove malware remnants if the system is not locked by the ransomware. I am sure our Jacee's (whom I have known and worked with for years) recommendation was in this type of scenario.
In darrenj1471's predicament, with the computer locked by the ransomware, it is another story.
There are some bootable CDs used to remove the locked ransomware.
Some that come to mind are:
HitmanPro.Kickstart
Kaspersky WindowsUnlocker
Dr.Web® LiveCD
Have personally experienced success with HitmanPro.Kickstart, however, have not tried the Kaspersky's bootable CD above. HitmanPro.Kickstart marketing has focused on ransomware removal.
There are also other methods such as going into Safe Mode with Networking, and launching MSConfig, but sometimes the ransomware takes over in Safe Mode also.
These infections are sometimes a bear to get rid of.
From Wiki-Security: Method of Infection
Have also seen reported where an email with certain content has gotten some Users infected.There are many ways your computer could get infected with Ukash Virus. Ukash Virus can come bundled with shareware or other downloadable software.
Another method of distributing Ukash Virus involves tricking you by displaying deceptive pop-up ads that may appear as regular Windows notifications with links which look like buttons reading Yes and No. No matter which "button" that you click on, a download starts, installing Ukash Virus on your system.
Ukash Virus installs on your computer through a trojan and may infect your system without your knowledge or consent.
Errr I have it AGAIN, and I followed your advice again ie went and got another copy of Hitman Pro kickstart and booted pc from USB device but this time my infected pc says 'Your Licence for Hitman Pro has expired' ???? and wont let me remove malware found ?? Please help :)
As for how Im contracting it , I dont fully know but suspect its from a site which streams sports events
What AntiVirus program are you using? Is it not picking up this infection when you go to its source?
Three times infected with the same thing is not good.
Please go to the Farbar Recovery Scan Tool Download page.
Select the 64-bit download.
Save the program to a USB pendrive, or an external hard drive.
Next, plug the drive into the problem computer.
>>>Restart
On the System Recovery Options menu you get the following options:
- As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Boot Options menu appears.
- Use the arrow keys to select the Repair your computer menu item.
- Select your language settings, and click: Next
- Select your User account and click: OK (If you did not set a password, leave blank.)
Select Command Prompt
- Startup Repair
- System Restore
- Windows Complete PC Restore
- Windows Memory Diagnostic Tool
- Scan your computer's memory for errors.
- Command Prompt
When done scanning, the program saves a FRST.txt report on the flash drive.
- In the Command window, at the bliking cursor type notepad and press: Enter
- In Notepad, under the File menu select: Open
- Double-click Computer, find the flash drive letter, remember what letter it is, click on it, and press: Open
- Close out of Notepad.
- Click the Command Prompt window
- Type g:\frst64.exe, and press: Enter
Note: Replace the drive letter g with the drive letter of your flash drive!- The tool starts and prepares to run. Follow the prompts.
- Click Yes to the disclaimer.
- Press: Scan
Close Notepad, then, click the Command prompt window, and type exit, and press: Enter
Remove the USB drive.
Back at the System Recovery Options, press: Shutdown
Please provide the FRST.txt in your reply.
It is located in the USB drive.
Note: If you have any older copy of FRST on the external drive, please remove it, as this program is updated very frequently. You need the newest version.
Ok think ive followed the steps and attached is the txt file output
Look forward to next steps :)
Im using AVG fyi