bopperthijs opened this issue on Feb 12, 2015 ยท 62 posts
mrsparky posted Wed, 18 February 2015 at 2:18 PM
Bopper - don't feel bad - these people spend their days scamming people and are darn good at it.
I know of a professor and nurse who've been caught by these crooks.
It's also possible that not everything is lost, as Jura rightly points out a lot of ransomware can be unlocked.
Plus as I discovered a few months back "locking you out" isn't always what it appears to be. These scammers hit a not very IT literate friend, one with a foul temper if you rush her. 1/2 way through the call the scammer told her to hurry up, so she hung up.
This meant the machine wasn't quite locked and gave me chance to explore what they'd done. Which is basically turning off/tinkering with an assortment of windows services, such as disabling system restore and running AV software, restricting admin rights etc.
Since then I've encountered other machines and it's often the same pattern. While it's pretty serious damage, it's academic as the users data is intact, not infected with anything and really that's all you need. So if you can get into the machine, back up the data, and reinstall windows.