Name this scam...?



bazmeister
15-06-2013, 12:58 PM
Out of town friends have had their computer badly infected after finding this scam....

On starting up they found a message from the NZ Police advising them that as they had been watching porn, their PC had been immobilised pending them forwarding $100 via a payment method they outlined. Their local techie wanted $150 as he stated it would take a complete re-load, but they decided that due to the age and condition of their gear that they would buy a new one. NZ Police seem to know all about it when contacted, as did the salesman who sold them their new kit. The general consensus seems to be that the "jam up" is extensive and managing to get thru most AV programs...they had Nortons.

I would like to research this a bit more. Does this issue have a virus type name I could Google...?

Speedy Gonzales
15-06-2013, 01:09 PM
Moneypak / Ukash. There is also an Aussie one and an FBI one. And a Metro Police one. They're called ransomware. This may remove it (https://support.norton.com/sp/en/us/home/current/solutions/v71075396_EndUserProfile_en_us)

One of the bootable AV ISOs may also remove it (Kaspersky / AVG). Once you get the ISO / burn it, then boot from it.

bazmeister
15-06-2013, 02:03 PM
Thanks Speedy, I've forwarded this to them and hopefully they might get a result from it.
Much obliged.

Speedy Gonzales
15-06-2013, 04:01 PM
No probs :)

Speedy Gonzales
15-06-2013, 07:48 PM
Have a read of this as well (http://www.bleepingcomputer.com/virus-removal/remove-your-computer-has-been-locked-ransomware)

Chilling_Silence
15-06-2013, 10:09 PM
Had a friend caught out by that, it was fantastic :D

Total hoax but rather convincing...

bazmeister
16-06-2013, 11:34 AM
Thanks for the info...

The people who received this were initially concerned, but fortunately not fooled, by this one.

The senders have obviously upgraded from the FBI version, to a NZ Police one, complete with correct looking logos and headings.

They have now installed (and are trying to get up to speed) on a new PC with Win8. Somehow I doubt that they will get around to trying to fix this which is a pity....I'd love to have a crack at fixing it myself but the PC is in the other Island.

It appears that this scam is currently being run so if nothing else, this may help someone else....

Speedy Gonzales
16-06-2013, 03:41 PM
They can either reinstall Windows, or use something like this (http://www.avg.com/au-en/avg-rescue-cd) or this (http://support.kaspersky.com/4162)

You need a blank CD obviously and a CD/DVD burner. Then boot from it. If it can boot into safe mode / networking OK, then you could log into it remotely with TeamViewer. Then scan the system.

piva
16-06-2013, 06:21 PM
If the PC has more than one logon user you should be able to get it running through that. Most but not all of the bad stuff is in the user/appdata/temp directory. You will find the police logos along with lots of other ones like AVG and other anti-virus progs. You will need several anti-malware progs which can be downloaded free to get all the bits and pieces. Search for the ucash on Google malware forums, there are some good talkthru's - just don't delete any Windows essential prog unless you are certain!
Piva

dugimodo
17-06-2013, 10:37 AM
Is $150 for a reinstall reasonable? I have no idea but it takes me less than an hour of my time to install Windows, not counting the time I leave it unattended doing its thing while I do other stuff. If they've replaced it anyway it's not that difficult to boot off the Windows CD and do a fresh install themselves, and it is the most effective method. I like to go all the way and reformat the C: drive while I'm at it.

I've fought with these types of infections before, more specifically the fake antivirus software that takes over the PC and locks out everything except Internet Explorer. I managed to clean it out but honestly it took longer than starting over would have. If I set a PC up for someone now and have the option I set up the backup schedule to create a weekly image of the C: drive, saves so much time when the non PC savvy screw up their machines.

wainuitech
17-06-2013, 10:48 AM
Is $150 for a reinstall reasonable?

Generally yes it's OK, I know of several places that charge a lot more than that.

A lot has to do with what's done, a simple reinstall doesn't take long, but add in downloading drivers, saving the person's data (most still don't have backups) then putting all the programs and data back, all can easily take a day or longer. Add in internet usage - take the HP PC I have here now, the drivers alone are over 1GB, then there's all the updates - it all adds up.

gary67
17-06-2013, 11:04 AM
Generally yes it's OK, I know of several places that charge a lot more than that.

A lot has to do with what's done, a simple reinstall doesn't take long, but add in downloading drivers, saving the person's data (most still don't have backups) then putting all the programs and data back, all can easily take a day or longer. Add in internet usage - take the HP PC I have here now, the drivers alone are over 1GB, then there's all the updates - it all adds up.

I have been pushing my IT manager about this as I know my design computer is not backed up anywhere at work, freaks me out that I could lose everything and I can't take in a USB drive, it's not allowed.

Chilling_Silence
17-06-2013, 12:01 PM
Screw it, do it anyways! I would :p

1101
17-06-2013, 12:08 PM
Is $150 for a reinstall reasonable? I have no idea but it takes me less than an hour of my time to install Windows,

$150 is more than reasonable.
1) backup all the data . ALL THE DATA MUST BE AV SCANNED . Some have 100G+ of data(music,photos & movies) to backup & restore. THAT TAKES SOME TIME
2) reload Win
3) FIND download & install all the drivers
4) Install Office , acrobat reader, AV etc etc etc
5) setup email, import old emails & test. Import old docs etc. Sort out issues because cust can't remember email password.
6) Install Win Updates, Office & Win SPs
7) Install Win Updates.Reboot. Keep repeating till no new updates found
8) Redeliver onsite & setup printer, camera, itunes etc etc

Yep, all that in less than an hour? . I call BS :banana

dugimodo
17-06-2013, 12:29 PM
$150 is more than reasonable.
1) backup all the data . ALL THE DATA MUST BE AV SCANNED . Some have 100G+ of data(music,photos & movies) to backup & restore. THAT TAKES SOME TIME
2) reload Win
3) FIND download & install all the drivers
4) Install Office , acrobat reader, AV etc etc etc
5) setup email, import old emails & test. Import old docs etc
6) Install Win Updates, Office & Win SPs
7) Install Win Updates.Reboot. Keep repeating till no new updates found
8) Redeliver onsite & setup printer, camera, itunes etc etc

Yep, all that in less than an hour? . I call BS :banana

Well I was talking about my time for a reinstall of my own personal machines and actual active time not how long the overall process takes.
If you charge people for the time spent waiting for things to finish it's a lot more than an hour obviously. I don't do this professionally and I genuinely was asking if it was a fair price, not trying to say it wasn't.

1. not an issue I don't store data on my C: drives
2. 10 mins of actual time, up to about an hour if you include waiting for things to happen but I don't sit there and watch it so 10 mins
3. Motherboard disk is on the shelf, graphics card drivers are easily found 5-15 mins
4. I don't use most of those and I don't bother, programs are installed later as I find I need them with the exception of AV which is one of my first items - prob 10 mins
5. About 5-10 mins tops, I have 3 E-mail accounts and I just recently installed live mail and set it up in less than 10 mins
6. They install themselves, no need for intervention from me - very little time required just waiting
7. same as 6, I will manually start the process if I want the machine finished the same day - but again I don't sit there and watch it.
8. fair enough, wasn't talking about that.

In any case it seems like that's considered a good price so fair enough. I'd still recommend they just try it themselves, might save them money and won't cost any more if they fail anyway - as long as there is no important data to be recovered off the drives of course, that's another story.