Jump to content


 

Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Pay to unlock your computer" scam

Started by MickinPlymouthUK , Jun 21 2012 08:48 PM

  • Please log in to reply
2 replies to this topic

#1 MickinPlymouthUK

MickinPlymouthUK

    Senior Member

  • Members
  • PipPipPipPip
  • 470 posts
  • Gender:Male

Posted 21 June 2012 - 08:48 PM

Has anybody else suffered this scam?
Your screen freezes and a big message appears telling you your computer has been locked because you're guilty of cybercrime, and that you must pay a fine of £100 to get it unlocked. Needless to say we're innocent.
Ctrl-Alt-Del won't get us out of the locked screen, so we have to switch off the computer, but on rebooting, the lock and message is still there!
I rebooted again, this time in Safe Mode and ran a Sys Restore which got rid of the message and unlocked my computer, and I followed up with AVG and Adaware scans, and my PC seems to be working fine again.
I only mention it to let people know they'll be able to do what I did and use Sys Restore to get out of the scammy lock.
I'm not too PC-savvy so there may be other ways to break the lock that i don't know about besides Sys Restore, I don't know.

 

  • BC Ads
  • BleepingComputer.com

#2 quietman7

quietman7

    Bleepin' Janitor

  • Global Moderator
  • PipPipPipPipPipPip
  • 26,112 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 22 June 2012 - 09:58 PM

Sounds like some variant of Ransomware, a form of extortion in which the attacker encrypts a victim's personal information (data files) and then demands money (ransom) in exchange for a decryption key that can be used to retrieve the encrypted files. For more information, please read:
Sometimes using System Restore as a method of recovery works but other times it may not since System Restore was not designed to be a virus or malware removal tool. Whether it will be successful depends on what type of infection you are dealing with, what damage the malware has already caused, whether it disabled System Restore and if not, what is restored during the process.

This is what mvps.org has to say:
Can I use System Restore to remove virus or malware infection?

NO. System Restore was not designed to be a virus or spyware removal tool and should not be depended on.


Kaspersky Virus-fighting utilities have several fixes for some types of ransomeware such as:
  • XoristDecryptor (Trojan-Ransom.Win32.Xorist)
  • RectorDecryptor (Trojan-Ransom.Win32.Rector)
  • RannohDecryptor (Trojan-Ransom.Win32.Rannoh)

Microsoft MVP - Consumer Security 2007-2013 Posted Image
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 MickinPlymouthUK

MickinPlymouthUK

    Senior Member

  • Members
  • PipPipPipPip
  • 470 posts
  • Gender:Male

Posted 23 June 2012 - 07:16 AM

Okay thanks, the Ransomware subject is more complicated than i thought, so I was lucky that Sys Restore plus AVG and Adaware scans seemed to get me out of trouble.
Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·