Computer Virus is Still in Operation
How to protect yourself and remove this virus from your computer.
Don’t be alarmed – “Your Computer is Locked!” is just the title of this blog post.
This computer virus was first reported by the FBI in August of 2012, but is still in operation today (it has been reported as being used this month – January 2014).
It can also install itself simply by you going to a website from a search engine listing.
A window will pop up on your computer with a heading at the top that looks similar to those below:
Next to the words “Your Computer is Locked” there may be a flag of the country you live in, an FBI logo, a United States Department of Justice logo, or even a Police Department logo.
Then there will be a message underneath that may say “your computer’s IP address was used for pornographic activities”.
It will then say your computer has been blocked to prevent further violation, and to unblock your computer you have to pay a “Ransom” of $100 or more, possibly as high as $300.
Sometimes the virus can turn on your web camera, snap a picture of you, and put it next to the warning message.
You are instructed to use MoneyPak or some other money card to pay the ransom, and links are even provided.
They ask you to use money cards because they aren’t traceable.
The virus completely blocks the use of your computer, and there is no way to remove it. Resetting your computer doesn’t help.
The FBI calls this the “Reveton virus“.
“Free” methods being published online that may have very limited use in removing this virus:
Safe Mode – Since this virus blocks any use of your computer, you can’t run a virus scan to remove it. Going into Safe Mode may allow you to run your anti-virus program, but I have tried this with viruses and it often doesn’t work.
To get into Safe Mode you have to Shutdown and Restart your computer. As your computer boots up, continually tap the F8 key and you should see a black screen with a Menu allowing you to choose Safe Mode. On this screen use the down arrow to get to Safe Mode and then hit Enter. You can try accessing your anti-virus program in Safe mode, but it doesn’t always work.
System Restore – This Windows utility allows you to restore your computer to a previous state (before the virus came on).
Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore.
You should see a Welcome page where you can select the option “Restore my computer to an earlier time“.
You should pick a date at least a day or two before you think the virus came on, for a “Restore Point”.
After you pick the date and click “Next”, System Restore brings your computer back to the configuration on that date, and then restarts your computer.
After using System Restore, you may find your computer is back to normal. If so, try running a virus scan.
Even if your computer appears to be back to normal, the virus may still be on your computer. A week or two later you may find the virus popping on again. This is because the virus file was never removed.
There are some programs you may find in online searches that claim to remove this virus. I can’t recommend any of them. Also, some YouTube videos try to show you how to use a Command Prompt, go into your computer files, and delete the virus file.
The problem with this is you need to be very sure of the date the virus came on, and also very sure of what the virus file looks like. You may have to guess – if you delete the wrong file you could really mess up your computer.
If you’re a victim of this virus, report it to the Internet Crime Complaint Center.
My recommended methods for dealing with the “Your Computer is Blocked” virus:
SECOND – Buy a FixMeStick now, before you need to remove this virus. If this virus is on your computer, even Kaspersky may not help, because access to your anti-virus program will be blocked.
FixMeStick is an external USB device that runs while your Windows operating system is not running, so malware can’t interfere with it
With no programs on your computer running, the virus can’t power up or hide.
It works great on Ransomware such as the “Your Computer is Blocked” virus, because this malware has to have your machine’s operating system running, which is not required with FixMeStick – so it finds and removes the malware.
It removes viruses, malware, ransomware, spyware, trojans, rootkits and more that cannot be removed by software security programs.
It uses software from 3 of the world’s leading antivirus companies (Kaspersky Lab, Sophos, and GFI).
Updates are automatically downloaded and stored on FixMeStick.
It works an unlimited number of times on up to 3 PCs.
It won’t harm your PC.
How well does FixMeStick work?
There is a Systems Analyst who works for the Department of Defense and knows how to write code that can bypass anti-virus programs.
He used FixmMeStick on some of this “virus code”, and FixMeStick was able to catch it.