New malware freezes computer until ransom is paid

By Shawn Knight · 30 replies
May 7, 2012
Post New Reply
  1. The latest trend in malware doesn't just flood your computer with annoying advertising or attempt to steal your banking information. Instead, it quite literally locks a system down and prevents...

    Read the whole story
  2. Lurker101

    Lurker101 TS Evangelist Posts: 819   +343

    And the quickest and cleanest way to get rid of it is to simply start Windows in safe mode and do a quick system restore to any point before the malware hit.
  3. This isnt really new. Normally they do this under the guise of anti-virus software.

    I think if malware creators thought about the consumer more and less about the money they might end up making more money. Instead of just locking down the system they should start by complimenting the user for choosing their malware instead of the competitors malware. Maybe they can make some user-targeted downloadable content. If the user likes music they can download some viruses that play music. Or if the user likes to shop online maybe the malware can show items the user can attempt to buy. I think I could make malware way better than how these other people are doing it. You just need a real business plan.
  4. Xero07

    Xero07 TS Booster Posts: 100

    Yup, had something like this happen before.
  5. H3llion

    H3llion TechSpot Paladin Posts: 1,376   +286

    Aren't malware or other nasties often not affected by system restore and are still persistent when you rollback?

    Might as well boot in safe mode and do a virus scan + mbam.
  6. hello Hiren's boot cd :D problem fixed ;)
  7. Yet another reason for backups.
  8. bexwhitt

    bexwhitt TS Guru Posts: 354   +70

    I think this causes safe mode to blue screen so an live cd or windows vista/7 install dvd is needed to sort this
  9. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 9,713   +3,688

    Case like this is why I have my system booting to ISO images. One ISO image is Seagate DiscWizard, where I can do a complete system recovery.
  10. Camikazi

    Camikazi TS Evangelist Posts: 925   +284

    If I ever got this I would just format and reinstall, my My Documents and Program Files folder are on a different drive anyway. I have nothing I made on my C drive so a simple reinstall will fix it or I can use one of my drive image backups I make every week and go back to before the virus, simple to fix really.
  11. Lionvibez

    Lionvibez TS Evangelist Posts: 1,264   +436

    And why wouldn't the malware just to your other drives in the same system?

    This would only really hurt a noob.

    I have image backs of my rig don't use system restore.

    i would be back up and running in about 15mins.
  12. How does it freeze your computer? Does it boot up like this web page? Or when you load your internet, does it say you half to pay before you can do anything?

    Even if this happens to my computer, I will get it out. I mean, this is easy! I can just boot up in safe mode and remove the virus from there!
  13. TomSEA

    TomSEA TechSpot Chancellor Posts: 2,713   +855

    Well, everyone posting here is pretty tech-savvy. Unfortunately, this could nail quite a few people who aren't quite as up on handling something like this. Especially elderly folks who don't do much more than check e-mails and look up pictures of their grand kids on some hosted site.

    It would be nice if Interpol or some other multinational agency could track down and nail the scumbags who are doing this. Unfortunately, Russia has provided zero cooperation in stopping this type of hacking although there is proof all over the place that's where it's coming from. Same thing with China.
  14. SNGX1275

    SNGX1275 TS Forces Special Posts: 10,742   +421

    I too keep Documents, Music, Pictures, Movies, and Program Files on a different drive from my Windows install. But having Program Files on another drive isn't going to help you any. If you have to wipe your "C" drive, all those Program Files are now worthless. They have important parts tied into the registry, which is now gone. Now, if you are going to restore your C from a regular backup, that is fine then and it will work. Just pointing out that if you really were going to just reinstall Windows from scratch, your Program Files aren't safe that way.

    I just keep Program Files on a different drive because of habit, back in the 9x and early XP days I'd frequently reinstall the OS, and having my Program Files folder still there just was a convenient list to show me what I had installed. If I didn't want a program anymore (after reinstalling Windows) I'd just delete that directory.
  15. captaincranky

    captaincranky TechSpot Addict Posts: 12,961   +2,516

    Stories like this always make me misty and nostalgic for the "good old days", of IE-6, and "Spyware Sheriff"......;)

    Besides, if you're stupid enough to leave illegally downloaded music on the computer you downloaded it with, you pretty much have this coming, don't you?
  16. PinothyJ

    PinothyJ TS Guru Posts: 460   +22

    I refuse to have sympathy for people who do not know how to use a computer properly. Call me arrogant but you need a licence to drive a car or own a weapon (in any decent country) and I am of the opinion that if you want to use a computer than you should have the same level of basic understanding. Since there is no test you have to do to qualify for a machine than I see things like this as those tests - adapt or die!

  17. ikesmasher

    ikesmasher TS Evangelist Posts: 2,995   +1,316

    the title made this sound a lot cooler than it really is.
  18. captaincranky

    captaincranky TechSpot Addict Posts: 12,961   +2,516

    And isn't that exactly what "good journalism", is supposed to do?
  19. Tekkaraiden

    Tekkaraiden TS Evangelist Posts: 997   +93

    Plenty of people have a drivers license and can't drive properly so I'm not sure the point you are trying to make.
  20. captaincranky

    captaincranky TechSpot Addict Posts: 12,961   +2,516

    And still more, don't care how they drive.....:eek:
  21. Darth Shiv

    Darth Shiv TS Evangelist Posts: 1,811   +472

    Yes I'd think smart malware would be designed to handle safe mode and system restore. Full admin access allows a whole world of holes to exploit!
  22. I live in Wales , UK I had this lock on my laptop about 2 months ago . I 've tried to remove by antivirus at safe mode but nothing happens. Until I'm not going online everything was fine, after when I'm connected to my router and trying to put a web address on my browser the lock has appeared again. I have it to paid £100 to unlock my system.It was so believable , but fortunately I formatted my C and everything was sorted out.
  23. These type of Malware disables explorer.exe shell process from starting which is what gives you your desktop in windows, usually fairly easy to remove. However more advanced ones will install a rootkit to enable re-installation and other nefarious schemes.

    The easiest way to remove it other than formatting the drive is to slave to another computer and run the various malware scanners, most AVs don't detect these. Also run a rootkit scanner as they're invariably installed.

    As to how you get them? Mostly by visiting compromised websites and using drive by attacks from what I've seen. Problem is you often don't realise you're on a compromised site these days as it could be any website that uses a CMS system.
  24. Camikazi

    Camikazi TS Evangelist Posts: 925   +284

    Actually it makes reinstalling much faster, the installs tend to leave files that match what they were going to install alone, I have done this already and the reinstall took MUCH less time with Program Files on another drive.
  25. Camikazi

    Camikazi TS Evangelist Posts: 925   +284

    Hit enter too fast :p My primary reason for having Program Files on a second drive is cause my boot drive is a 60GB SSD and I tend to have big programs and games installed, the faster reinstall and no loss of preferences and custom files are just a bonus. I only have certain important programs actually on my SSD the rest go to my secondary HDD.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...