Help with nasty "Ukash" virus please!

Darkst4r

Darkst4r

Darkst4r

Associate
Joined
14 Apr 2009
Posts
1,058
Location
Bedford , United Kingdom
Hi, I'm having some real trouble with a particularly nasty virus.

It's the ransonware "Ukash" virus that says I need to pay 100 pounds of get done for child porn haha

Obviously it's a scam but here is the problem...

The virus will not let me operate windows even though it's running in the background.

None of the safe mode options work either, the virus shuts down my system before I can enter it.

Is there anything I do via command prompt to remove the virus!?

Any help would be great as my pc runs my whole entertainment system and my son wants to watch Peppa Pig!

Thanks in advance
 
Unfortunately as I mentioned I cannot even access my desktop to run anything as the splash screen the virus produces blocks everything, even msconfig from the run screen.

Ive ended up installing Windows to my backup drive to scan the affected drive from there but nothing seems to pick up the virus.

I've tried c cleaner, spybot, malwarebytes, avg and avast but nothing picks it up or gets rid of it...
 
UnworthyBean said:
Can you run Windows in safe mode with command prompt?
Click to expand...

Negative, the virus shuts down windows before it gets there. You see the driver load screen, then "windows is shutting down"

I'm kind of at the end of my rag with it, think a clean install is now the only option...
 
KIA said:
Did you read posts #2 and #3?
Click to expand...
Yeah, hitman does nothing, I can't even get the usb drive to boot despite changing the bios settings.

Haven't tried Kaspersky yet but maybe I'll give it one last go as I'm really not looking forward to having to transfer all my data and reinstall all my games, programs and drivers...
 
Kaspersky disk found nothing, no options left but to reinstall windows.

That's the most persistent and crappy virus I've ever come across.

I hope whoever created it burns in the fires of hell and is forced to suckle on Satan's decomposing,maggot infested tit for all eternity..
 
Last edited:
Probably the best thing to format anyway. Who knows if you've really got rid of it.

If you can someone get into regedit, i've found you can stop it from loading and atleast get into Windows to play about.
 
If there is another user account on the PC, try and log in with that. I think it only highjacks the account you were log in with at the time. Malwarebytes should then remove it.
 
Use a linux distro to backup any important files and then nuke it from orbit (since you can't even get in, and it can't be removed the best option is to wipe the hard drive and start from scratch).
 
Tap F8 as windows is booting and select recovery environment.

When in there try one of the two options below.

First try the system restore option - If this works, run the usual malware removal tools.

If that doesn't work instead of using system restore, go into your command prompt and navigate to appdata and temp files, you should see the nasty in one of those places. Just delete it, boot to windows and run the usual malware removal tools.

I'm basing these instructions on you having a bit of know how with computers.
 
You must log in or register to reply here.
Back
Top Bottom