We have just been done over by something which I now know is called (on this side of the pond) the Ukash Virus or Ukash scam.
It manifested itself as an alleged Adobe update,which we declined, but the virus came in anyway. Apparently, it doesn't matter if you click Yes or No - it still infects the computer. It says that we have been downloading something illegal, and are liable for a huge fine, or prison. It generously offers, if we pay £100, to get us out of this predicament.
The message purports to come from Cardiff Police, but the money has to be sent to London.Our laptop is now being cleaned up in the local shop, but what can be done to stop it happening again?
Norton is an absolute waste of space - the virus just came straight through it.

petert

My computer tech was telling me about this very same virus only yesterday. Do you run the realtime Pro version of Malwarebytes, or SuperAntiSpyware? Both of these catch a LOT of nasties before they can get through. They run in conjunction with anti-virus software.

You were "gotten" by this very nasty "ransomware." It morphs from country to country to make it look like something from the officials in a specific location. I have removed it from two computers belonging to friends. The virus goes by several names, but at the center it's called the Revetron virus. This is a very good article from PC Magazine that just came out recently. Although they indicate a strong relationship with on-line porn, that's just not the case. Both the infections I removed had nothing to do with porn or anything like it.

Ransomeware Article at PC Magazine

Rushes: no, I don't use either of the programs you mention.
When we bought the laptop which subsequently had the Ukash problem, my wife was right royally conned by the salesman at Currys/PCWorld. He gave her some drivel about banks refusing to pay up if villains accessed our online bank account,if we did not run a 'paidfor' anti-virus, and told her that Avast was useless under those terms. So we paid about £60 for this pile of useless cr*p called Norton.I did actually go back on the next day and had a go at the salesman, who was all slimy contrition, saying that they were taught this during their training.
Anyway, perhaps I should try malware bytes.
I did try Microsoft Security Essentials, on my PC, but that slowed it down to an abysmal crawl - it would take about 20 minutes to connect to the internet - so I got rid of it.

petert

Here's a link to Malwarebytes:

http://www.malwarebytes.org/

The realtime version isn't free, but apparently you do get a short trial of it to see how you like it before paying up. The free version isn't realtime and only runs scans if you think you have an issue, or just to use as a weekly/daily health check.

I find Microsoft Security Essentials super-light on my PC's resources, which is strange when you say you had problems with it. I had McAfee before that, and THAT monster slowed my poor PC down to a stagger.

The salesman LIED to you! Microsoft Security Essentials should never cause PC slowdowns. I have it on two computer here at home and at least a dozen computers that I work on with no slow-downs at all. Not sure what was wrong there.

Malwarebytes is something to run WITH an anti-virus program, not by itself. You can get the free version which is very useful in running scans and getting rid of stuff that is already on your computer. Malwarebytes Pro (roughly $25 US) runs in real time as Rushes said and will stop most nasties. Whenever I see it on sale for $10 or $12, I always buy 2 or 3 copies. You can just download it from their website and then pay with a credit card. They send you an ID and a key code.

Malwarebytes

and to add what Draclvr mentioned about buying Malwarebytes, You buy it once and it is good for a Lifetime, here is an excerpt from their site:

A one-time purchase of Malwarebytes Anti-Malware is a life-time license for free future updates!

This virus,which uses an official looking FBI screen in the US,locks the computer so you cant get to malwarebytes to use it. The latest versions block getting into safe mode also so you cant get to it that way either.So the free version of malwarebytes wont help much.
----------------------------------------------
Edit: What I mean about not being abls to get into safemode is that you can get to the screen that gives you choices,1)safe mode,2)safe mode with networking,etc. but when you click on any of the choices it just boots into regular startup.

In both cases when I've removed the FBI ransomware, luckily I was able to boot into safe mode. I used the Emisoft recommended at Bleepingcomputer and it did the trick for one computer and a Malwarebytes scan got it on the other computer. Both of these were infections in the last 2 weeks. There is another download from Kaspersky that you put on a flash drive and it runs at boot before you get into the OS. It is geared to infected boot loaders where the infection respawns every time you boot. This particular virus didn't infect the boot loader though.

Remove FBI Ransomeware

Just as I opened my computer today I got an update for Adobe flash which I declined, don't see any obvious problems yet but do you think I could be infected and how will I know??

I've never had to try it, so I can't say if it works, but Malwarebytes has a tool you can download called Chameleon which is supposed to get it running if it's blocked by malicious programs.

They also have Anti-Rootkit. They are both free to download.

Gil.

Adobe Flash is probably set to ask if you want to download updates, monbron. Mine is. In that case, you will get that popup.

Gil.

And you should ALWAYS install Adobe Flash updates as they are often security updates. The are awful about including what is called "foistware" with the downloads, so make sure you uncheck the McAfee safe search or whatever they want to put on your computer.

Thanks, Gil. I will have to check those out - I've read about them, but never downloaded them. The way things are going lately, I'm going to need them one of these days!

These days they want to install Chrome, as I recall. Google has its tentacles in everything, as you'll notice if you have Ghostery.

Gil.

I use "do not track" from Abine in my Firefox and I see the same thing there - nine-tenths of the trackers are Google related.

Wrong place for this, remove if you like, but since you said that, Google is reported to be favoring the new Internet security bill, CISPA, which would allow the government to get all your private information from businesses which would give it up willingly - and you would have no legal comeback. Scary.

Gil.

No kidding... scary.