Your computer has been locked Ransomware

What is Your computer has been locked Ransomware?

You are probably reading this article because your computer screen has been locked and you are asked to pay a ransom ranging between $100 and $300 in order to unlock the system. This is due to an infection known as Your Computer has Been Locked Virus, a part of the infamous Reveton family, also known as W32/Reveton. Furthermore, it is a type of malware that we call Ransomware, hence the name.test

This particular infection has been first sighted in the early 2012, at the time mostly in the European countries. At the peak of Your Computer has Been Locked Virus popularity it was estimated that $50 000 were made in a single day, thus making a grand total of more than $1 million a year. These figures highlight the idea that an average user is easily manipulated because of the deficiency of basic computer and virtual security knowledge. We are here to help and increase your awareness upon these subjects. Your Computer has Been Locked Virus will  lock your computer. Remove the infection and try to avoid anything of its kind in the future. 100% FREE spyware scan and
tested removal of Your computer has been locked Ransomware *

Where dose Your Computer has Been Locked come from?

Bogus email attachments are one of several ways that Reveton ransomware spreads around the internet. Beware of various spam email attachments in order to prevent from having your system infected. Download or open attachments from a sender that you can identify only and always avoid any email attachment from an unknown source. This initially will save you time as removal of Your Computer has Been Locked Virus can be an annoying and time consuming process.

Another common way that you could get Your Computer has Been Locked is a hoax update of some kind of software. Abode Flash and Java updates are common pieces of software that cybercriminals are fond of exploiting. This is due to the fact that a lot of users run Adobe Flash or Java, thus manipulating users is not that hard of a task. A dubious pop-up will appear with a massage telling the user that the Flash player or Java is out of date, hence the update is needed.

Hoax websites is the leading provider of fake updates. Lately a lot of these websites were spotted around the internet mimicking actual vendors of software that might exploit user’s inability to distinguish the fake website form an official one. Always make sure that you are on a legitimate website if you are about to download anything onto your system. It is best to check with the official vendor’s website if any recent updates were issued.

What does Your Computer has Been Locked Virus do?

Once this virus infects your system, the first major symptom will be the locked computer screen, and inability to use your system. Cybercriminals will be using this kind of scare technique in order to receive money from you. You will be presented with a warning that mimics a local law enforcement agency. The infection will base a scare alert considering the geo IP of the user. For instance, a user infected in the USA will be presented with a message that mimics FBI or the Department of Justice; a UK user will be presented with a message that mimics Metropolitan Police Department or New Scotland Yard and so forth. A message on your computer screen will hold a text similar to this:

Your PC is blocked due to at least one of the reasons specified below.
You have been violation Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article I, Section 8, Clause 8, also known as the Copyright of the Criminal Code of United States of America. <…> Fines may be paid within 72 hours after the infringement. As soon as 72 hours elapse, the possibility to pay the fine expires, and a criminal case is initiated against you automatically within the next 72 hours!
To unblock the computer, you must pay the fine through MoneyPak of 100$.

All of these Reveton based infections will be asking a payment via MoneyPak, Ukash, Bitcoin or any other similar payment system. This is due to the fact that these payment systems provide a total anonymity of the sender/receiver. No law enforcement organization would use this kind of payment method; furthermore, no law enforcement organization would actually lock your system in a stealthy way like this. Instead of paying the requested ransom, you should remove Your Computer has Been Locked Virus

As discussed earlier, Reveton ransomware could also be a security backdoor for any other infection that could be used to steal your personal data, e.g., social security number, bank account details, email address, etc. Thus, in order to keep your computer safe, it is strongly recommended to remove Your Computer has Been Locked Virus as soon as possible.

How to remove Your Computer has Been Locked Virus?

Unfortunately, there is no simple way to remove Your Computer has Been Locked virus, especially if you do not have any prior knowledge of how to deal with these kinds of infections. Thus, using a professional and powerful antimalware tool in order to remove this infection is recommended, as it will definitely remove all the traces of the infection. Furthermore, it will take less time than performing manual removal. Take caution as this manual guide involves Windows registry editing, so advanced knowledge of Windows registry is needed, as any error while editing registry keys or values could end up in total system failure. Perform this manual removal at your own risk.

100% FREE spyware scan and
tested removal of Your computer has been locked Ransomware *
  1. Reboot the system into Safe Mode Reboot your locked system, while the reboot is taking place hit the F8 key continually. You will be presented with the Advanced Boot Options window. Using arrow keys on the keyboard select Safe Mode with Networking or Safe Mode with Command Prompt.Screens:
    1_FbiSafeMode
  2. Delete Your Computer has Been Locked Virus from the Windows registry.
    While in safe mode click on Windows Start button and in the search line type regedit in order to open the Registry Editor. Using the editor and the guide provided at the bottom of the article you will be able to delete the Reveton infection.Screens:

Remove these Your computer has been locked Ransomware Files:

c:\Documents and Settings\User\AppData\Local\KB9848462\
c:\Documents and Settings\User\AppData\Local\Application Data\KB9848462\

Remove these Your computer has been locked Ransomware Registry Entries:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KB9848462
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\KB9848462
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\KB9848462
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\KB9848462
Disclaimer
Disclaimer

Leave a Comment

Enter the numbers in the box to the right *