What is the Spamhaus virus (ransomware)?
The Spamhaus virus or The Spamhaus Project virus, are terms for dangerous malware, categorized as ransomware (Spamhaus ransomware), that infects computer systems using trojan horses, in order to restrict access to the infected computer system and trick unsuspecting victims to pay a fine to unlock the computer again. The Spamhaus virus engages in social engineering by claiming they track internet spam and may state that the computer user lost control over their computer (you have lost control over your computer) and the computer began to spread malware, viruses, trojans, and worms, upon other fraudulent allegations, therefore must be locked. The Spamhaus virus further begins to fraudulently detail that the computer user is breaking numerous international and USA laws and attempts to get victims to purchase Green Dot Moneypark cards and other credit vouchers to pay the unnecessary $300 fine. The Spamhaus virus may also contain a picture of the logo for the grocery store Ralphs. Ralphs is an American Kroger store on the west coast of the United States. * This virus is not associated with Spamhaus at Spamhaus.org.
The Spamhaus virus is very dangerous for reasons concerning cyber criminal activity and the invasion of privacy, including credit theft, extortion, and identity theft. If the Spamhaus virus is not removed from your computer, you are at very high risk of falling victim to severe forms of crime as Spamhaus malware and associated parasites may remain undetected on a computer system, ultimately collecting sensitive information via keystrokes and manually submitted forms.
Please note, the Spamhaus virus is in no way associated with spamhaus.org or any of their partners. This is common malware, alike the FBI virus that poses as an authority to make the initial ransomware infection seem more realistic and frighten computer users into paying the $300 fine (fine limits may vary). DO NOT pay the fine, as paying the Spamhaus fine can further complications and heighten the severity of risks. If you are infected with the Spamhaus virus, remove Spamhaus and third-party malware using the free Spamhaus removal instructions below.
What is the Spamhaus project (Spamhaus.org)?
Spamhaus (spamhaus.org) is a website that tracks and collects spam information, including IP addresses. Spamhaus has no legal merit and is not associated with any authorities.
Spamhaus virus screenshot content detail:
The Spamhaus virus engages in social engineering in order to cause shock, anxiety, or frighten computer users into paying the unnecessary fine to Spamhaus malware developers by making fraudulent claims about the computer user. When a computer is infected with the Spamhaus virus a full screen or window from the criminals pretending to be Spamhaus will appear with content similar to the message found on the Spamhaus ransomware template below:
The Spamhaus Project
XBL Advisory
Ref: XBL198972
IP address: xx.xx.xx.xx
Tracking time: 1 w 10 h 03 m
Responsible agent: David C. Krehnke
Address: 18 Avenue Louis Casai CH-1209 Geneva Switzerland
You have 48 hours left to enter your payment.
You have lost control over your computer. Your system and all your files has been blocked and encrypted because you were spreading the Malware (viruses, trojans, worms).
You are breaking numerous International and USA laws.
Actions made by your computer backed up under United States law USA Patriot ACT
What exactly is The Patriot Act?
The Patriot Act is short for The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001.
We have the right backed by law:
Sec. 201. Authority to intercept wire, oral, and electronic communications relating to terrorism.
Sec. 202. Authority to intercept wire, oral, and electronic communications relating to computer fraud and abuse offenses.
Sec. 209. Seizure of voice-mail messages pursuant to warrants.
Sec. 217. Interception of computer trespasser communications.
With the support of the federal Bureau investigation department on cybercrime and the Supreme court of the United States of America. We have the legal right to scan and intercept any information going in and out of your computers.
You IP address (xx.xx.xx.xx) was identified and isolated by our organization in connection with a complaint to the involvement of distributed denial of service (DDoS) attack such organizations: NASDAQ and BATSS stock exchange markets and WIKILEAKS.ORG website. Such attacks caused $15 billions in damage. In order to isolate this infected files we have blocked your access to the outside world and your IP address was listed in our XBL Block List. You can not use the internet or any of your programs.
You have a chance to settle this issue right now before we contact the proper authorities. Within 48 hours, you can pay a fine of $ 300. All your files will be decrypted, and access to the computer will be granted, a claim for compensation from affected from affected companies will be removed and your IP (xx.xx.xx.xx) address will be restored to good standings with XBL Block List.
If you don't pay a penalty within the next 48 hours, local authorities and secret service will be contacted, and most likely it will result in your arrest. You can and will be prosecuted to the fullest extent of the law in order to recover our losses. Do not take a chance to be convicted as a felon.
Our spamhaus agent has conducted a full check of your system and found following violations: botcrawl.com
• You are a distributor of pornography and porno materials, regularly watch porno sites with child pornography and zoophilia.
• You possess unlicensed software and pirate audio and video records.
How to remove the Spamhaus virus
- Spamhaus removal software (Automatic removal) – Scan for and remove Spamhaus ransomware
- System Restore – Restore PC to date and time before Spamhaus malware infection
1. Spamhaus removal software (Automatic)
1. Install the free or paid version of Malwarebytes Anti-Malware software.
Malwarebytes Anti-Malware Editor’s Choice
Latest versions: Malwarebytes Anti-Malware PRO, Malwarebytes Anti-Malware Free
Release date: April 09, 2013 / 1.75
2. Once Malwarebytes is installed, open the Anti-Malware program. If you are using the free version of Malwarebytes you will be prompted to update the database, please do so.
3. On the first tab labeled “Scanner” select the Perform full scan option and click the Scan button to perform a full system scan (pictured below).
4. Malwarebytes will automatically detect the Spamhaus virus. Once the scan is complete, Malwarebytes will prompt a message stating malicious objects were detected. Select (check) the malicious objects in the list and click the Remove Selected button to completely remove Spamhaus malware from your computer (the image below shows a file that is NOT selected for removal – ‘Make sure the box is checked in’).
2. System Restore
A System Restore is an easy solution to restore an infected computer to a date and time before it became infected with malware. To learn more please select a link below.
Spamhaus virus removal tips:
If removing Spamhaus ransomware is difficult please refer to Spamhaus removal tips below:
User accounts
Ransomware often infects 1 user account on Windows. Here are some tips to remove the Spamhaus virus using different user accounts.
- Log into an account not affected by malware (with administrative rights) and perform a scan with reputable software to detect and remove malware.
- You can also delete the infected account.
- Other options include creating a new user account to remove malware if only 1 Window’s user account is present on the computer system.
Deny flash
Some variants of ransomware use flash and symptoms of the infection can be suspended by denying flash via Macromedia’s real-time options. To learn more and deny flash please visit: http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html
Troubleshoot internet/network issues
Safe Mode With Networking can be used to access the Internet for updates, drivers, removal software, or other files if internet and network connectivity is compromised.
Manual removal information:
Spamhaus manual removal options will be updated as the samples arrive.
Spamhaus Files:
Remove associated files.
random.exe
Spamhaus Windows Registry Information:
Repair associated registry additions.
random.exe
Leave a Comment