Interesting computer virus!

delc · May 27, 2014

I started up my computer on line this morning, only to get a message apparently from Interpol, the Met Police and various other bodies, informing me that I had been viewing kiddy porn, spamming and various other computer offences. My computer had been locked and would only be unlocked if I paid a Â£100 fine. I rang up my local police station to ask about this and they confirmed it was a known scam. It was impossible to remove the message as it completely filled the screen and stopped you accessing anything else. Fortunately my virus checker eventually detected the problem and removed the virus. If you get anything like this do not pay anything!

chrisd · May 27, 2014

delc said:
I started up my computer on line this morning, only to get a message apparently from Interpol, the Met Police and various other bodies, informing me that I had been viewing kiddy porn, spamming and various other computer offences. My computer had been locked and would only be unlocked if I paid a Â£100 fine. I rang up my local police station to ask about this and they confirmed it was a known scam. It was impossible to remove the message as it completely filled the screen and stopped you accessing anything else. Fortunately my virus checker eventually detected the problem and removed the virus. If you get anything like this do not pay anything!

It's quite a common one I believe. The one that you really need to be careful of, I understand, is the one that says your files have been encrypted as, from what I read, it's impossible to un encrypt them yourself. Good anti virus software and backup routines is the answer

delc · May 27, 2014

chrisd said:
It's quite a common one I believe. The one that you really need to be careful of, I understand, is the one that says your files have been encrypted as, from what I read, it's impossible to un encrypt them yourself. Good anti virus software and backup routines is the answer

So is the encryption one intended to be a form of blackmail? :mmm:

Foxholer · May 27, 2014

delc said:
So is the encryption one intended to be a form of blackmail? :mmm:

It would seem so!

Btw. Does the fact that it was not an obvious scam, and that you had to contact the local fuzz, not suggest that you were in fact feeling guilty about 'viewing kiddy porn, spamming and various other computer crime'?

:rofl:

What's you AV software too, because that should have detected that and quarantined it before it was able to screw up you machine!

delc · May 27, 2014

Foxholer said:
It would seem so!

Btw. Does the fact that it was not an obvious scam, and that you had to contact the local fuzz, not suggest that you were in fact feeling guilty about 'viewing kiddy porn, spamming and various other computer crime'? :rofl:

What's you AV software too, because that should have detected that and quarantined it before it was able to screw up you machine!

I was actually worried that it was a laptop that I hadn't used for some time and it had picked up a virus when I turned it on, but before the anti-virus software had been updated. Also I was using it from an unsecured wi-fi site, so it could have been spammed in some way. If I had of been guilty of any of these offences I would have hardly been inclined to tell the Police about it! It did look fairly convincing btw.

Foxholer · May 27, 2014

delc said:
I was actually worried that it was a laptop that I hadn't used for some time and it had picked up a virus when I turned it on, but before the anti-virus software had been updated. Also I was using it from an unsecured wi-fi site, so it could have been spammed in some way. If I had of been guilty of any of these offences I would have hardly been inclined to tell the Police about it! It did look fairly convincing btw.

Yep. Only joshing (this time!) :rofl: Though there have been plenty of Pedos detected from examination of Hard Drives during servicing!

The AV software should still have prevented it though - even in the unusual circumstances that you describe.

chrisd · May 27, 2014

delc said:
So is the encryption one intended to be a form of blackmail? :mmm:

Very much so

You have to pay to get it unencrypted, but what I've read about it in computer magazines, says that they usually play ball because if they took the money and didn't restore the files then word would get round very quickly that payment doesn't ensure you get it fixed and less people would pay. Remember though, you pay by card so they have your card details!!

delc · May 27, 2014

Apparently there was a gent in Victorian times who made a living by sending letters to wealthy ladies saying "I know your guilty secret and will reveal all if you don't send money to this post box number". Most of them paid up! Don't know if the kiddy porn or spamming scam is supposed to work in this way!

Foxholer · May 27, 2014

delc said:
Apparently there was a gent in Victorian times who made a living by sending letters to wealthy ladies saying "I know your guilty secret and will reveal all if you don't send money to this post box number". Most of them paid up! Don't know if the kiddy porn or spamming one is supposed to work in this way!

Partly perhaps. But you've missed the greater threat - that Chrisd mentioned. You pay by card, so they capture your card details - including the security code!

CMAC · May 28, 2014

unbelievable that any sane person would pay when their data is allegedly held to ransom or a 'pay up' image appears on your screen.

You would have to be young Mr Gullible from the gullible family down easytopersuade lane to fall for any of that guff.

@ChrisD can you share a link to this credible info as that sounds like total nonsense as well

Duckster · May 28, 2014

delc said:
I started up my computer on line this morning, only to get a message apparently from Interpol, the Met Police and various other bodies, informing me that I had been viewing kiddy porn, spamming and various other computer offences. My computer had been locked and would only be unlocked if I paid a Â£100 fine. I rang up my local police station to ask about this and they confirmed it was a known scam. It was impossible to remove the message as it completely filled the screen and stopped you accessing anything else. Fortunately my virus checker eventually detected the problem and removed the virus. If you get anything like this do not pay anything!

You can normally get rid of them by simply starting in safe mode and removing the exe that's in the start up section. Takes a bit of fiddling, but not hard if you have access to another PC to google it.

PhilTheFragger · May 28, 2014

I've seen this dozens of times, it's pretty easy to sort out, start in safe mode (F8) and do a system restore to before it went wrong.
Run malwarebytes and check your anti virus - avast is pretty good and free.

Seems to be linked with video codec downloads, gambling or other assorted dodgy websites although I have seen it on pcs where the customer is very low risk user,

It probably comes in on the back of something you authorise to download, therefore bypassing your security.

With the encrypted version I remove the hard drive and put it into an isolated spare machine, I can then use my windows to access the drive and delete the files, put the drive back in it's own machine and clean up as above.

All in a days work

chrisd · May 28, 2014

CMAC said:
@ChrisD can you share a link to this credible info as that sounds like total nonsense as well

Tomorrow from work I can refer you to the computer magazine and edition where they clearly say that when a computer is affected by the encryption virus there are very few ways of un encrypting and urge readers to keep back ups of valuable data. The Police scam is a doddle to remove and have done it for people in the past

Beezerk · May 28, 2014

Duckster said:
You can normally get rid of them by simply starting in safe mode and removing the exe that's in the start up section. Takes a bit of fiddling, but not hard if you have access to another PC to google it.

This although I'd suggest starting in Safe Mode with network disabled (no internet access for the virus to regenerate itself) then do multiple "full/deep" scans with your antivirus software. Do this 2 or 3 times, new reboot into Safe Mode every time.
Takes a while but with limited knowledge it's a sure fire way of getting rid of gremlins.

brendy · May 28, 2014

Ransomeware really is on the increase, I have had to sort 3 or 4 machines this year even though they were well protected. Easy to sort though. I know an ex policeman who actually paid the cash requested...needless to say it fixed nothing.

chrisd · May 29, 2014

CMAC said:
@ChrisD can you share a link to this credible info as that sounds like total nonsense as well

For the record it was in an article on "stop hackers locking your pc" in the Computer Active magazine issue 418, 15-18th March 2014

Birchy · May 29, 2014

This happened to the laptop at home and I had the missus phone me at work a bit worried. She got the terrorist one with the webcam showing her etc :rofl:

I just laughed and explained that if she was a terrorist I doubt Interpol would be asking for money. They would be more inclined to smash the front door down and stop your terrorist plot from happening.

She wasn't best impressed!

Interesting computer virus!

delc

Blackballed

chrisd

Major Champion

delc

Blackballed

Foxholer

Blackballed

delc

Blackballed

Foxholer

Blackballed

chrisd

Major Champion

delc

Blackballed

Foxholer

Blackballed

CMAC

Blackballed

Duckster

Tour Rookie

PhilTheFragger

Provider of Entertainment for the Golfing Gods 🙄

chrisd

Major Champion

Beezerk

Money List Winner

brendy

Global Moderator

chrisd

Major Champion

Birchy

Money List Winner