Why was my computer locked by cyber cops when I did not do anything illegal? To unlock, I'm asked for a fine of $100. How do I know that it's not a scam?
In this excerpt from Answercast #94 I look at a case where ransomware is calling itself a "Cyber Cop" and asking for money to unlock.
Computer locked by cyber cops
Well, it is a scam. There are no cyber cops and there are no people watching what you're doing and suddenly locking up your computer because they think you did something illegal.
It's a malware scam
Those people don't exist. Those are scammers; those are hackers. The entire thing has to do with getting money out of your pocket and into theirs.
What you have is a malware infection. It's nothing more, nothing less than a virus of some sort. That is then taking over your computer and presenting this misleading mail.
Removing ransomware
Unfortunately, removing it can be somewhat difficult.
My suggestion is that you run a program such as
Windows Defender Offline to scan your computer for malware before it actually boots. In other words, what you do is end up booting from the DVD or the CD that's created by the Windows Defender offline installation process.
When you boot from that, you're no longer running any software from your actual PC. You're running the software that's on that CD. That, then, may give you the opportunity to go in and clean any malware that's on that machine.
Removing Cyber cops
I have heard, in at least one report, that Windows Defender Offline was able to correct this particular case of what we've come to refer to as "ransomware."
So, that's my recommendation. Treat this as a very aggressive malware infection. Use offline recovery tools to see if you can't get it cleaned up.
(Transcript lightly edited for readability.)
Next from Answercast 94- My machine's suddenly started acting erratically, even after a reinstall. How do I fix it?
I nominate this for the funniest article on the site. Cyber cops demanding a fine? I am actually laughing out loud.
They’re actually cyberthieves. :-)
Few months ago I had the ransomware virus, all of a sudden a page comes up saying the FBI has locked your computer, and you have to pay a fine to unlock it (note: in my research on this, I learned they don’t fix it if you pay, just steal your credit/debit informaion) Good I had another computer I could look things up on. I used many different virus scans, but first of all, couldn’t get into the infected computer because the locked page would come up each time I started. In my looking this up, I noticed somewhere it said “disconnect from the internet” (I think this might be good to do anyway, if we suspect we have a virus). This was a key step, it couldn’t send the command to the websit that was putting up the page and locking it. It didn’t get rid of it, but I could then use the computer to run scans. Not sure just what worked, I ran a lot of them, but it was finally gone. Also, various places said the manual way of getting rid of it, what files to look for, etc. I’m not an expert, but not a beginner either, and it took me 2 days to get it out. I’m thinking if it’s not a hassle, reinstalling Windows might be a solution. But, wanted to pass on the info about disconnecting from the internet first.
I repaired 3 of my friends PC,s. restart in fail safe mode,(have a USB key with malwarebytes on it or another ) it will detect the scareware ,and remove it.then you restart normally and you,ll be running fine.it worked 3 times for me so good luck….
I CAN’T OPEN MY EMAIL A MESSAGE COME UP THAT STYATES THE NO PROGRAN ASSOCIATED WITH IT CREATE AM ASSOCIATION IN THE CONTROLL PANEL HOW DO I DO THIS I WOULD NOT EVEN KNOW WHERE TO START
My machine was afflicted with the same or a similar scam. But in my case, removing the installed malware was relatively easy. Just boot into safe mode (by pressing F8 when the Windows Logo appears during booting up). Then use System Restore which is found under Start/All Programs/Accessories/System Tools/System Restore. If you try this, be aware that this could take a very long time to run, but just let the process chug along and with a little luck your problem will be solved.
If the system does seem to be restored and in working order, a virus scan would also be appropriate. Still, system backups are very important, but this solution may save some folks a lot of time and trouble. Cheers!
Just yesterday I tried to remove “Cybercops” for a neighbor by using Wndows Defender Offline (bran new – fully updated) and it couldn’t find it or fix it.
I finally removed it by doing a system restore and scanning with Malwarebytes.
@John
The problem you are talking about sounds like it might be what’s discussed in this article.
This file does not have a program associated with it – what does this mean and what do I do?
I had this problem and could not use the menu to shut down my laptop, in the end i did control alt delete to shut down then rebooted in safe mode and did a system restore and then a virus scan with security essentials and avast. No more problems after that.