| Author |
 Topic Search  Topic Options
|
DougHoff 
123 Simples
Forum Administrator
Joined: 18 Nov 2008
Location: United Kingdom
Status: Offline
Points: 219
|
 Post Options
 Thanks(0)
 Quote  Reply
 Topic: UKash - Metropolitan Police Virus Scam
Posted: 22 Dec 2011 at 7:36pm |
|
UKash - Metropolitan Police Virus Scam is doing a re-run in the UK, and recently hit one of our customers PC's who was very distressed and upset by the experience. I'm only posting this is an advisory in case anyone else gets caught out with this.
Our customer (probably like many computer users) had failed to really keep his internet security up to date, but whilst surfing YouTube he clicked on an external link, and inadvertently in doing so, downloaded the Ukash virus. It is a trojan -
Basically the virus installs on your system, and then it locks the computer up with a screen saying Metropolitan Police - Your computer has been locked.
The screen information displays your computer IP and other information that might make you think (if you do have your wits about you) that this is quite a genuine thing. Obviously the giveaway is if you pay them a £100 using any of the methods show, then an unlock code will be sent to you.
This is a scam that happened a few years ago in Germany and has been modified and released again. If you type this into Google Search:
"ukash virus metropolitan police"
You will note that there have been a spate of recent attacks using this virus. Removal needs to be done with care, and using Safe Mode - even then it takes a bit of weeding out.
Just to advise anyone who may be interested
If you receive such a message on your computer, then please DO NOT MAKE ANY PAYMENT. This is a scam using a trojan horse virus. No-one has discovered any so called illegal material on your computer, but removal procedures need to be done to remove the virus using Safe Mode, otherwise the virus remains on your system. If you think your computer has been compromised by this or any other scam, please contact us for informed advice and support.
|
|
Simple, clear, focused
|
 |
jwilson
Registered
Joined: 10 Feb 2012
Status: Offline
Points: 1
|
Post Options
Thanks(0)
Quote Reply
Posted: 10 Feb 2012 at 3:48pm |
Hello,
I'm new to this forum so I am unsure if I am posting in the correct place. I have recently come across this virus/ scam and I am looking for some advice on how to remove the trojan from a Laptop. I can provide most information about the laptop I need the software removed from so please let me know if you need any info.
How it happened: I was clicking around on ebay (shopping) when a pop up came up in the bottom right hand side of the browser page. I went to click the pop up off via the red cross (which was a mistake) and the rest is history. I'm a dab handy with computers and would rather try and sort this problem myself, as my laptop is a few years old and I don't want to spend any more unnecessary expenditures on it.
Any reply to my post would be greatly appreciated.
Best Regards, Josh
|
|
DougHoff
123 Simples
Forum Administrator
Joined: 18 Nov 2008
Location: United Kingdom
Status: Offline
Points: 219
|
Post Options
Thanks(0)
Quote Reply
Posted: 12 Feb 2012 at 2:42pm |
Hi Josh Sorry we missed your post. To remove (or attempt removal) of this UKash Scam follow the suggested steps: - Shut down your computer
- Restart the computer and as it is booting up press F8 repeatedly - you should bring on a black screen similar to this:
Select Safe Mode with Networking and then hit Enter - Once the computer has started in safe mode download Malwarebytes Anti-Malware Free - download link: http://www.malwarebytes.org/products/malwarebytes_free
- Install the software on your system and then run a FULL system scan. It should find the corrupted files and quarantine or remove them.
- Restart the computer normally and you should be good to go
Let us know if this solved the problem 
|
|
Simple, clear, focused
|
|
guevara68
Registered
Joined: 23 Apr 2012
Location: Ireland
Status: Offline
Points: 2
|
Post Options
Thanks(0)
Quote Reply
Posted: 23 Apr 2012 at 4:30pm |
|
Hi,
My laptop has just been infected with the UKAS Met. Police virus.
Before I read your post, I tried a suggestion on another site which involved restarting in "safe mode" only, not "safe mode with networking". Once in safe mode I was taken to my log in screen, however, it did not recognise my log in details so I could go no further. I should say my laptop is a work laptop and is encrypted. Would this be the reason it did not recognise my log in details in safe mode? Would starting in safe mode with networking solve this?
Any help would be appreciated.
Thanks.
|
|
DougHoff
123 Simples
Forum Administrator
Joined: 18 Nov 2008
Location: United Kingdom
Status: Offline
Points: 219
|
Post Options
Thanks(0)
Quote Reply
Posted: 23 Apr 2012 at 4:57pm |
|
Hi guevara68
We would suspect that the encryption is setup to prevent safe mode logins. You should try safe mode with networking first. If this does not work then as it is a works laptop, and it is encrypted, you may have to refer it to your IT department to have it checked.
The information below is given as a guide only - if the laptop contains important data then you are advised to contact the IT department who are responsible for your works laptop!!!
If you can login using the normal method then is there an option for you to disable the encryption on the laptop?
To help answer your question better, which version of Windows are you running, and what type of encryption does the laptop use?
|
|
Simple, clear, focused
|
|
guevara68
Registered
Joined: 23 Apr 2012
Location: Ireland
Status: Offline
Points: 2
|
Post Options
Thanks(0)
Quote Reply
Posted: 23 Apr 2012 at 8:51pm |
|
Thanks for the prompt reply and assistance.
|
|
DougHoff
123 Simples
Forum Administrator
Joined: 18 Nov 2008
Location: United Kingdom
Status: Offline
Points: 219
|
Post Options
Thanks(0)
Quote Reply
Posted: 25 Apr 2012 at 7:49pm |
|
Have you managed to sort the problem?
|
|
Simple, clear, focused
|
|
