General Question

kylebrown94's avatar

Help! My computer was locked suddenly and I was asked to pay a fine to unlock my computer.

Asked by kylebrown94 (10points) June 7th, 2013

One day ago, I was browsing some webpage and my computer was suddenly locked and I was required to pay a certain of fine to unlock my computer. Why this happened and What should I do?

Observing members: 0 Composing members: 0

14 Answers

elbanditoroso's avatar

your computer was hijacked by a nasty virus that holds you as a hostage.

There are tons of web stories like this – you need to see what the exact message is and Google it. A bunch of different solutions exist, depending exactly which one of these infected your computer.

jerv's avatar

Entirely correct. Ransomware is running rampant nowadays.

Follow @elbanditoroso‘s instructions, then get yourself a decent antivirus program to avoid similar issues down the road.

Katniss's avatar

Great answers from the above posters. I don’t have much to add other than good luck.
This happened to a friend of mine last summer. It took him and my fiancé a couple of days of pretty heavy Googling to fix it, but they worked it out.
Funny thing…..... I happened again a couple weeks ago.
Things that make you go “Hmmmmmm”.

Good luck!

Tropical_Willie's avatar

The virus gets into the computer because:
1) There is not an anti-virus program on the computer.
2) Repeated occurrences means there is a repeated visitation to a toxic websites
3) All of the software on your computer is not up to date. Make sure automatic updating is turned on to get all the latest Microsoft security updates. Scan your computer with the Microsoft Safety Scanner, if you have a Microsoft OS computer.
4) Your firewall is not turned on and it should be on.
5) Someone keeps opening spam email messages or click links on suspicious websites.

rexacoracofalipitorius's avatar

You will need to re-install your OS. The current installation cannot be trusted, since a rootkit has likely been installed. Scan your backups with a good security scanner (like Microsoft Seccurity Essentials or similar) before restoring them. You have backups, right?

Also: http://freegeekseattle.org/wiki/index.php/Security_Basics

glacial's avatar

@Tropical_Willie It is still possible to pick up a virus like this while having up-to-date, decent antivirus and antimalware software. And if you spend a significant amount of time doing research for various things on the internet, you will inevitably click on something you shouldn’t, even if you’re vigilant. This has happened to me in the past. It can happen to anyone.

@rexacoracofalipitorius Re-installing the OS is an overreaction, I think. These viruses can be removed with the help of skilled tech geeks.

@kylebrown94 Definitely do what @elbanditoroso suggests. Google your exact situation using a virus-free computer, and look through the results for suggestions from good tech forums, and particularly from the site bleepingcomputer if there are any. They are amazing – they walk people through all the steps to wipe out the virus, for free. You will probably need access to a second, clean computer and a USB stick to transfer antivirus software from one computer to the other. If you don’t have access to either of these things, you might as well take your computer into a repair shop and let them charge you to have it cleaned up.

Katniss's avatar

Staples has really good Tech’s.
You can take your computer there. They’ll do a free scan and tell you exactly what you need to do. They can also do the work for you. I think virus removal is about $100 though.

jerv's avatar

@glacial True, but protection reduces risk while recklessness increases it. You’re never completely safe, but that’s no excuse for nihilism, apathy, or foolishness. That’s why I wear my seatbelt and avoid walking through rough neighborhoods alone at 2 AM.

@rexacoracofalipitorius There are some good rootkit removal tools out there these days; things have come a long way in the last few years.

glacial's avatar

@jerv Agreed – I just don’t like to see people automatically assuming that the user must have been careless. You can be wearing a seatbelt and still get killed in a car crash. It happens.

rexacoracofalipitorius's avatar

@glacial As a “skilled tech geek” myself, I will concede that it’s possible that re-installing might be an overreaction. Then again, it might be a vast under-reaction.

Everyone seems to be assuming that this attack is a known virus, but there is no evidence in the OP to suggest that this is so. Even if there were, we can’t know that the current exploit isn’t something new cunningly disguised to look like an existing CVE.

Here’s what we know: the computer is compromised. Since the user is “locked out”, I assume that the attack has achieved a privilege escalation. We have no way of knowing what persistence measures the exploit uses. If @kylebrown94 is proficient in the use of debugger and stack traces and logfiles (assuming there are logs) then he might be able to glean some of this information. In the absence of that information we must assume that the exploit is active and in control of the OS. Therefore we cannot trust the OS and it needs to be reinstalled (since it could potentially corrupt any installed patches- but we’ll assume it can’t corrupt read-only install media from Microsoft, since if it can we’re hosed anyhow :^)

Since we also can’t know for sure when the attack began, any backup data must be carefully scanned before it’s restored, as we must assume that the exploit has corrupted it. No executables should be re-installed from the old system, and care should be taken that none of the restored data is executable (for example, attackers can attach runnable Java code to PDFs in a way that’s non-trivial to detect.)

glacial's avatar

@rexacoracofalipitorius If reinstalling the OS is a vast under-reaction, what is the reasonable response? Setting it on fire? Remind me never to bring you an ailing laptop.

@jerv is right. Ransomware is becoming increasingly common, and the OP’s description is classic. Without further detail, the obvious first step is for him to find out if that is the issue. No one has suggested that he continue to use the infected computer until the issue is resolved.

filmfann's avatar

Dare I ask what kind of site you were visiting when this happened?

Exitor98's avatar

Those issues can happen from any kind of site surfing; they don’t have to pr0n or hacker sites.
If you have the original driver discs and o/s discs? I know some vendors like Dell will send you restore discs at no charge. If not locate a friend to burn some discs for you with the needed drivers. Next burn a disc of D-bans boot and nuke and boot to that disc. This will blast the HD and wipe it clean. Reinstall everything and be sure to hold onto those discs because you’ll need then again someday.

Good luck.

rexacoracofalipitorius's avatar

@glacial Reasonable responses might include some combination of the following:

* Installing a different, presumably more trustworthy OS
* Using virtualization or a chroot jail or some other sandbox to run untrusted code
* Scanning the old partition for malware before mounting it or reading any data
* Just throwing away all the old data, along with the media or even the whole computer (now that’s overreacting.)

It depends on the situation. We don’t know enough about the situation to judge what’s reasonable and what isn’t.

Answer this question

Login

or

Join

to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther