PC locked by Ukash malware

Mal X

Mal X

Mal X

Soldato
Joined
25 Jun 2009
Posts
7,711
please help my pc is locked by a Ukash screen malware, it sais i have to pay a fine of 100 quid for looking at a Computer cheat trainer code website

i cant enter my rig, it's on the screen at start up, it has a police logo on it, i went to the police and they said it's Malware

someone told me that you have to get into safe mode and find the file...please please help and if so i'll need a step by step guilde because i'm not that good with the software

thanks
 
I feel for you... they got me too, and nothing I did could get the PC unlocked again (although I did manage to get rid of the message).

In the end I just went with a clean install. - None of the files are affected (other than associated with winlogon), so it was easy enough to reinstall what I needed to.
 
Boot to safemode with networking, download Malwarebytes, update the definitions and perform a full system scan.
 
ok how dreadful, i've fixed it and i'm useless with PCs :- you go into safemode
, start up, type msconfig, look at the start menu and it'll show you the start up programes, turn the one off that looks dodgy/dont recognise, it wont be the same as on youtube videos, this virus is worldwide, but it might say ``origin unknown``

no....i got this looking for the unlimited gold key cheat for Borderlands 2, this was on a big cheat website so watch out

i'm a nervous wreck right now
 
You most probably have out of date software on your PC. Update Flash, Java, Adobe Reader, etc, ASAP.
 
I had a similar experience... it came via Java 0 day exploit via an advert on trusted site.

There was no way to prevent it except disable Java - this was before a patch existed.

Malwarebytes / Kapersky all failed to detect it. The solution was to run TrojanKiller from another partition / bootable disk.
 
Beerbaron said:
Its profile specific so if possible log in as another user and clear with Malwarebytes
Click to expand...

Log in as another user or 2nd o/s and rename or deleted the old profile. Log back in to the affected o/s and you should be ok as Windows will create a fresh one for you. Then find a safer porn site :D

MW
 
sithlord said:
I had a similar experience... it came via Java 0 day exploit via an advert on trusted site.

There was no way to prevent it except disable Java - this was before a patch existed.

Malwarebytes / Kapersky all failed to detect it. The solution was to run TrojanKiller from another partition / bootable disk.
Click to expand...

I was surfing dodgy sites for custom roms and ignored my browser warning and then authorised java to run. I've since just uninstalled Java.

MW
 
Mr-White said:
I was surfing dodgy sites for custom roms and ignored my browser warning and then authorised java to run. I've since just uninstalled Java.

MW
Click to expand...

If you did all that and you didn't think anything dodgy was going on, then even uninstalling java wont help you.
 
this was on Google page 1 of Borderlands 2 cheats, nothing that dodgy, it was a few links below IGN !!!!

i didn't know what the wesite was but it looked ok to me, when i opened it up i instantly got the lock page

the malware is still there on my gaming rig it's just turned off, i'll get rid of it tomorrow, i tried yesterday but i cant find the source file location!

it's in WIN 7 start up MSCONFIG, but i need the root file location... my AVG/ HOME DEFENDER couldn't detect it; probably because it's turned off now... i have it's name so if i can find the root file i'll be able to get rid of it

i can not reupload win 7 etc or go back to an earlier date, or i'll loose all my gaming stuff/ drivers... no way man !
 
Last edited:
I had this a couple of weeks ago, booting into safe mode, with and without networking etc did nothing what so ever, it still popped up. I had to run a restore point for that morning and it worked, should work for you as well. Good luck :)
 
P3N9U1N said:
I had this a couple of weeks ago, booting into safe mode, with and without networking etc did nothing what so ever, it still popped up. I had to run a restore point for that morning and it worked, should work for you as well. Good luck :)
Click to expand...

yea that's an idea a restore point for that day but in the morning, i got the malware at 2pm......uuum
 
I bet none of the people in here had UAC enabled, or had their plug ins up to date, or disabled.

The Java exploit was well known, why someone wouldn't disable Java until a patch came out I don't know.
 
sithlord said:
I had a similar experience... it came via Java 0 day exploit via an advert on trusted site.

There was no way to prevent it except disable Java - this was before a patch existed.
Click to expand...

If it was an advert, then adblock plus would've prevented it from happening as long as you had the correct block lists running since it would have stopped the advert from even showing.
 
dfarrall said:
If you did all that and you didn't think anything dodgy was going on, then even uninstalling java wont help you.
Click to expand...

I was aware of the potential threat but I naively thought my anti-virus/anti malware solutions would physically stop any dodgyness from actually happening to my machine. Lesson learnt.

MW
 
AVG wont catch it or get rid of it later, only malwarebites, but your best bet is to delete it manually.... because you have to pay for Malwarebites.

i had widows firewall, plus firewall defender/ AVG and Spybot, it got straight through instantly and according to the PC shop nothing can stop it, it can only be removed in Safe mode later on
 
You must log in or register to reply here.
Back
Top Bottom