W00t! The first batch of Ukash Viruses for 2013 is here! Now aren’t they lovely?^^ Actually, absolutely not. And here I thought that perhaps ransomware infections would dwindle out of existence with the news that Spanish police arrested ransomware gang, but of course not. Now we have things like ICSPA Virus ruining our mood, and the problem is that it’s the same old threat, with a new face, meaning – ABSOLUTELY ANNOYING.
So what do we know about ICSPA Virus? Well, we are sure of the fact that this ransomware infection is distributed by Urausy Trojan. Also, it’s not exactly the infection name, as much as an alias, because there are several new Ukash infections that have the International Cyber Security Protection Alliance logo plastered on their interfaces, and so it makes poor users think that (ack!) they are busted because their computers are locked by some huge international cyber security organization. Here’s a news flash for you – the original ICSPA has NOTHING to do with the infection. You have been FOOLED.
The infections known to be using the name of ICSPA are United Kingdom Police Virus, Royal Canadian Mounted Police Virus, Australian Federal Police Virus and so on. The main idea behind these infections is that the ransomware locks down your computer and scares you shitless by displaying a fake law enforcement authority notification, for example:
You have been viewing or distributing prohibited Pornographic content (Child Porn/Zoophilia and etc). Thus violating article 202 of the Criminal Code of Great Britain.
The amount of fine is £100. You can pay a fine Ukash or PaySafeCard.
The message above is an extract of the notification displayed by United Kingdom Police Virus (a.k.a. ICSPA Virus). So, basically, this infection makes users think that they have done something terribly wrong. When the user is scared he is more bound to do what he is told, so it’s no surprise that tons of people end up transferring money via Ukash or PaySafeCard, thinking that, oh my gosh, I have to avoid prosecution!
Umm, reality check! What prosecution? ICSPA Virus is computer MALWARE and it cannot initiate a legal case against any person. We have to initiate cases against people who have CREATED ICSPA Virus. However, before we get to that, we need to get our desktops back, now don’t we?
How to unlock your PC:
Windows Vista & Windows 7
- Restart the computer and tap F8 key continuously once BIOS screen loads.
- In case Windows logo shows up, restart the PC and try again.
- Now use arrow keys to navigate and choose Safe Mode with Networking. Press Enter.
- Access the Internet and download a reliable malware scanner.
- Follow the scanner installation wizard to install it, and then run a full system scan.
- Repeat the steps above from 1 to 3.
- When a confirmation dialog box appears, click Yes.
- Access the Internet and download the malware scanner.
- Open Start Menu and launch Run.
- Type “msconfig” into Open box. Click OK.
- Click the Startup tab on System Configuration Utility when it shows up.
- Un-tick all programs that you see on the list.
- Click OK to save changes and exit the utility.
- Restart your computer again in Normal Mode.
There’s a bunch of computer security websites out there, that always offer pieces of advice on malware removal, so I’d recommend browsing those sites and contacting them. Or you can leave me a comment if you have any questions about ICSPA Virus. I will try to answer it as best as I can.