URGENT - CHECK YOUR VIRUS PROTECTION NOW!!!

[TerryG]

To get control back of your pc
boot in safe mode
run regedit
look in hklm\software\Microsoft\windows\current version\run
if you see a dodgy program, browse to the path and delete it
remove anything that you don’t need
look in hkcu\software\Microsoft\windows\current version\run
if you see a dodgy program, browse to the path and delete it
remove anything that you don’t need

restart, you should have your PC back.
You may have to disable addons to ie if you have a varient that plugs itself in there.

You can use Microsoft "windows malicious software removal tool" or Lavasoft adaware to clear what remains. Most anti-virus systems will do it too.

It is not a clever or very sophisticated piece of malware.

[sierra3dr]

Ay up!

There's a particularly nasty piece of Ransomware purporting to be from the Met Police e-Crime Unit going around. I got it from You Tube - watching a railway vid - how ironic is that?

It is a version of the U-Kash scam and looks very convincing. I'm no dumb bunny and am, at least, streetwise with the Net but was very nearly taken in. The only reson I didn't cough up is the only place locally that has PayPoint was shut.

Check the anti-malware software on your machines and please, be careful.

railway vids? is that what they call it now??

Looking back on it, I reckon I've caught it from the Wi-Fi system at a local cafe.

You caught a virus from the local cafe it gets worse. You've done well to get rid of it,with it "hiding". If I can't get rid,it'll be a clean install of windows

[JPB]

.....You've done well to get rid of it,with it "hiding". If I can't get rid,it'll be a clean install of windows

The following is NOT a comment on the superiority of one o/s over the others, but if that happened to be the case, which it most likely is, then you could run a live Linux disc, any distro but I'd go with Ubuntu, Open Suse or similar without changing your native o/s and safely remove the problem this way, using the live o/s to access the 'doze registry and edit entries.
That said, when I - and work - used to run Windoze it was necessary to carry out a fresh install on average every six months or so in any case as the time taken to write Qs to any suspect registry entry, then reboot, check to see whether the entries edited were in fact all of those required to halt the virus activity, do it again, etc. all of that would take longer than the couple of hours required to overwrite the hard drives, reinstall the o/s and get the machine up to speed again by the random process that is finding registry entries that you can safely remove, startup processes that can be eliminated and updates, oh the hours and hours of time that could be put to good use that we used to waste on waiting for those wretched updates.

Seriously, try it live. That was not a comment on which is the better o/s, just a far better way than reinstalling if it's not long been done.

[suffolkpete]

It's probably complete gibberish to anybody outside the IT community.

[TerryG]

Must not get drawn in to OS wars again.
There are lots of good tools for fixing damage to any OS and I am yet to find a Windows install that can't be repaired. The question is if it is quicker to diagnose and fix or re-load.
I use Debinan, raspbian, Ubuntu, Suse, SCO, Lion, Windows XP/Vista/7 most days and they all have their good / bad points.
The best OS is the one you know how to use so if you know how to use Windows stick with it.

[JPB]

Quite so, but the point there was that, by using Windows to find the source of the problem, you risk further infection.

[TerryG]

Highly doubtful as it is malware not a virus and that is exactly what safe mode is for.
Everybody will fix their machines a different way. Giving a windows user instructions on repairing their machine with Linux you may as well write the instructions in Manderin. Give people tools that look and work in a familiar way and they will get the job done quicker or if it is not a simple fix then format / reinstall or call a pro who has the correct tools.

[rich.]

we havent got a virus or ransomeware? but as we have been having problems with the computer (new hard drive etc) we lost a lot of programmes & wifey downloaded vlc media player which in turn has now porn sites popping up. honest chaps, thats not my bag. not enough micras for me.. any ideas how we can stop them? my 3 year old uses the computer & its not the sort of thing i want her looking at

[TerryG]

There is a type of malware that can spread via WMV files. Because of how WMVs are licenced it is possible for one to link you to an infected site.
If your normal anti-virus isn't up to the job you could try a rootkit scanner.
Microsoft provide a free AV that is pretty good at picking up things like that.

[sierra3dr]

It's probably complete gibberish to anybody outside the IT community.

Like me What JPB had written went over my head I think JPB knows binary language