Bridge Commander Central
Recreational Forums => Techies Discussion => Topic started by: captain_obvious on July 07, 2012, 11:23:21 AM
-
As you can tell my rig was somehow hit with a trojan last night. It's a variant of the "police" Ukash ransomware scams.
The one I'm afflicted with is the "West Yorkshire police" variant but for some reason it (thankfully) hasn't encrypted any of my files like almost every other victim has. The bad news is none of the fixes on the net are working as none of the files or registry entries exist and none of the AV or other security software packages are picking it up.
Nonetheless as soon as I boot normally into Windows the screen goes black and is replaced with a full-screen warning telling me to pay a £100 "fine" to receive an unlock code. If I were to enter the wrong code 3 times my computer gets it. Task manager is disabled as is pretty much everything other than Ctrl+Alt+Delete.
I can boot into safe mode OK and I have identified the malware as being a fake "tracert.exe" in my appdata folder.
EDIT
No trojan is a match for me :dance
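A fake "tracert.exe" sitting in an appdata folder is a case of a Windows system binary name turning up outside the system directories, which a file listing taken in safe mode can be checked for. The sketch below is an added example, not part of the original post; the name list, trusted directories, user name and sample paths are all constructed assumptions.

```python
import ntpath

# Assumed sample of Windows system binary names; a real audit would list
# the contents of System32 on a known-clean machine instead.
SYSTEM_NAMES = {"tracert.exe", "svchost.exe", "lsass.exe", "csrss.exe",
                "winlogon.exe", "explorer.exe"}

# Directories where those names are expected to live (assumes C:\Windows).
TRUSTED_DIRS = {r"c:\windows", r"c:\windows\system32", r"c:\windows\syswow64"}

# User-writable locations commonly used for persistence.
USER_WRITABLE_MARKERS = ("\\appdata\\", "\\temp\\", "\\programdata\\")


def canonical(path):
    """Collapse '..' segments, unify separators and fold case."""
    return ntpath.normcase(ntpath.normpath(path))


def find_masquerading(paths):
    """Return (original_path, severity) for system-named files outside trusted dirs."""
    findings = []
    for original in paths:
        full = canonical(original)
        directory, name = ntpath.split(full)
        if name not in SYSTEM_NAMES or directory in TRUSTED_DIRS:
            continue
        writable = any(marker in full for marker in USER_WRITABLE_MARKERS)
        findings.append((original, "high" if writable else "review"))
    return findings


# Constructed file listing, e.g. saved from `dir /s /b` run in safe mode.
SAMPLE_LISTING = [
    r"C:\Windows\System32\tracert.exe",
    r"C:\Users\alice\AppData\Roaming\tracert.exe",
    r"C:\Windows\System32\..\..\Users\alice\AppData\Local\Temp\SVCHOST.EXE",
    r"D:\tools\explorer.exe",
    r"C:\Users\alice\AppData\Roaming\converter\setup.exe",
]

if __name__ == "__main__":
    for path, severity in find_masquerading(SAMPLE_LISTING):
        print(f"[{severity}] {path}")
```

Paths are parsed with `ntpath`, so a listing copied off the affected machine can be checked on any operating system.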
-
Rule #1 of teh internetz:
Don't download pronz. :P
-
Rule #1 of teh internetz:
Don't download pronz. :P
I don't download porn hence the confusion as to how I got infected.
-
Few vectors come to mind:
1. You opened an e-mail attachment you shouldn't have\downloaded an infected program
2. Drive by downloads from infected sites which exploit security vulnerabilities in operating systems
3. Infection via Flash Drives, there is malware which infects you as soon as you plug in a device
-
I don't download porn hence the confusion as to how I got infected.
Joking aside, good job annihilating the little bugger.
-
Few vectors come to mind:
1. You opened an e-mail attachment you shouldn't have\downloaded an infected program
Possibly, but I am very careful about opening emails from unknown sources and I never ever open attachments from people I don't know.
2. Drive by downloads from infected sites which exploit security vulnerabilities in operating systems
This is what I've been thinking. I have an idea as to where I might have picked it up from. I'd downloaded a program to convert my music collection from .ogg to .mp3 so it would work on my car's stereo system. As such I uninstalled that program rather quickly :)
3. Infection via Flash Drives, there is malware which infects you as soon as you plug in a device
I'm pretty doubtful about that one. I only use 2 flash drives and both of these were until recently only ever used on my PC and my parents' PC. Their PC was entirely unaffected by this infiltrator. The only other thing 1 of these drives has been used on is my car as it now holds my music.
Joking aside, good job annihilating the little bugger.
Thank you :D