Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: look out for Exploit.drop.GSLAD trojan

28 Jul 2013   #1

Windows10 Pro - 64Bit vs.10547
look out for Exploit.drop.GSLAD trojan

looks like a "drive-by" Trojan - and it's a real nasty..

it hi-jacks your Windows installation and denies you access, it
pops up with some message purporting to be from an official police site
warning you that you've been downloading illegal music/film files and child porn..

it even has a spoken message, warning you that your system has been "officially" shut down
along with the usual demands for a considerable payment necessary to re-open it..

- thoroughly evil..

My System SpecsSystem Spec
28 Jul 2013   #2

Windows 7 Home Premium

Thanks for the info, BugMeister. :)

Did you find a description for Exploit.drop.GSLAD that you can share with us?

Googled it, but did not come up with an official description. What Google finds goes back to o/a December 2012.
My System SpecsSystem Spec
30 Jul 2013   #3

Windows 7 Home Premium x64

There are videos on Youtube. It claims to be official police software that's "busted" you for child porn and other illegal activities, but you can unlock your PC by paying a fine. Obviously if the cops have evidence of such stuff on you, you're not really going to pay a fine and they'll drop it afterwards.

It can be cleaned but it one of the tricker ones.
My System SpecsSystem Spec

30 Jul 2013   #4

Windows 7 Home Premium

Thanks for the info, Diosoth.

Ransomware is very prevalent these days. Lots of variety.

DirtyCecrypt is also a nasty one, and on the rise. The files it encryptes are goners. Currently there is no tool available to decrypt the files.

Your backups will save you, if you have any backups....
My System SpecsSystem Spec
31 Jul 2013   #5

Windows 7 64 bit

Ugh, I think I got hit with one of these things as I was watching a Youtube vid. I can't see what popped up on the screen, but there was a voice that came on with a British accent that said, "Our PC has been blocked. You will not be able to use your computer unless you pay the fine through a money packet of $300." I'm not sure if I got the message exactly right, but that's what I thought I heard, awkward wording and all. The message just kept playing, and when I rebooted it booted normally, but I couldn't do anything except load Narator, which is only useful when Jaws conks. I've heard that you can't even fix it with a Windows reinstall. Is this true? Thankfully that was the desktop that needed a reinstall anyway, so there was nothing I was attached to on there.
My System SpecsSystem Spec
02 Aug 2013   #6

Windows10 Pro - 64Bit vs.10547

it hi-jacks your internet connection - use Windows Defender Offline..
What is Windows Defender Offline?

NB. read the instructions carefully..
My System SpecsSystem Spec

 look out for Exploit.drop.GSLAD trojan

Thread Tools

Similar help and support threads
Thread Forum
Java Exploit / Trojan magically re-appears even with a system re-image
I re-imaged my system hard drive the other day after getting infected with a google redirect virus, and a lot of other nasty malware that was apparently smart enough to be able to tell what you're doing and shuts your system down after making it unbootable. Seems to have been a Java exploit. I...
System Security
repeated start up prbs after Exploit and Java Trojan's 'removed'
hi there I'm not sure if this is the right place to post this plea... About a week ago i removed Explot:Java/CVE-20100840.JA and TrojanDownloader@Java/Openconnection using MSE. 3 days ago I was attaching a word document to a hotmail email and the system froze and never woke up. I used the...
System Security
Exploit:Java/CVE-2008-5353.B;Trojan:Java/Selace.A and B
Help! I ran the Windows Safety Scanner. It detected four issues, but apparently, the scanner cannot clean three: Exploit:Java/CVE-2008-5353.B Trojan:Java/Selace.A Trojan:Java/Selace.B There is no concrete information on how to get rid of these unwanted visitors and prevent them from...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 19:16.
Twitter Facebook Google+