Today the online world is attacked by a serious ransomware virus infection. It locks the desktop of the infected machine with its scary warning “Your computer has been locked”. In the majority of the cases the warning is presented in a manner as if it is originated by the police. This infection is of an international character. This means that the scary alert “Your computer has been locked” looks differently depending on the target country. We have noticed many variants of this scareware to be actively spreading today in Europe, the US, Canada, Australia and many other countries all over the world. So, how can one unlock the computer that has been infected with ransomware virus?
The first key to successful removal of ransomware titled as “Your computer has been locked” is to understand the fake nature of the warning that is produced as some real one allegedly coming from the police or other local law enforcement organizations. You should realize once and for all that what you see is a virus program that was developed by hackers specifically for the purpose of stealing funds from users. Hackers want people to pay money as a ransom to unlock the computer. They push users into indicating the special voucher or PIN codes of Ukash, Paysafecard or GreenDot MoneyPak payment systems in the respective field of the ransomware’s message. Sometimes then also instruct users to indicate such information in a special email address (which is real but used by hackers for the goal of becoming richer by means of scaring and deceiving users).
There are many variants of these ransomware virus infections, as we’ve said already. Today they have the international behavior and change their interface and the language depending on the country that is under attack. Here are the same scary fake police warnings users may see in various countries.
- Your computer has been locked! – targeting the United Kingdom of Great Britain and Northern Ireland, the United States of America, Canada, Australia and Ireland
- Ihr Computer wurde gesperrt! – targering Germany, Austria, the Netherlands and Switzerland
- Váš počitač byl uzamčen! – targeting Czech Republic
- Su ordenador se ha bloqueado! – targeting Spain and some other Spanish-speaking countries
- Tietokoneen on lukittu! – targeting Finland
- Votre ordinateur a été bloqué – targeting France, Luxembourg and some other French-speaking countries
- Υπολογιστής σας έχει κλειδωθεί! – targeting Greece
- Il tuo computer è stato bloccato! – targeting Italy
- Datamaskinner har blitt låst! – targeting Norway
- Komputer został zablokowany! – targeting Poland
- Datorn har låst! – targeting Sweden
The issue of ransomware virus removal is complicated due to the fact that the entire system is locked by the malware. Restarting the system doesn’t help, no matter how many times you do this. The same locked status persists and remains. In some cases rebooting the computer into safe mode with networking is the good solution. In other cases it is recommended that you restart into safe mode with command prompt to avoid and bypass the locked status. We recommend you to follow our generalized ransomware removal guide that should assist you in restoring your system. Please find it below.
Ransomware unlocking procedure
Note! This tutorial is effective for all Ukash and Paysafecard viruses.
1. Restart your computer and press F8 while it is restarting.
2. Choose safe mode with networking.
3. Launch MSConfig.
Press Start –> Run
or press [Win]+R on keyboard
4. Disable startup items rundll32 turning on any application from Application Data.
5. Restart your system once again.
6. Scan with http://trojan-killer.net/download.php?trojankiller to identify file and delete it.
Some versions of these viruses disable all safe modes, but give a short gap that you can use to run anti-malware programs. Then do following:
1. Reboot normally.
2. Start –> Run.
3. Enter: http://trojan-killer.net/download.php?trojankiller If malware is loaded, just press alt+tab once and keep entering the string blindly then press Enter.
4. Press Alt+tab and then R (letter) couple of times. The process of ransomware virus should be killed.