Hard Disk Drive Lock Scam

M

mouks

Expert Member
Joined
Dec 9, 2010
Messages
1,503
Reaction score
3
A client of mine fell victim to a scammer. He was contacted by "Microsoft" and was informed his serial key expired or was invalid. After he gave remote access he was advised to pay +R2000. When he refused, they locked his Hard Drive:mad:

Any know how to remove this password?

I'm busy downloading Hiren’s BootCD and want to try this fix below. The video is a bit unclear.

http://www.youtube.com/watch?v=R1hfKeEvsn4

Worst case scenario. HDD will need to be replaced.
 
Locked his drive?
Locked how?

Password locked?
Can he not go into safe mode and remove the unwanted malicious software.
 
"Locked" his hard drive?

I'm thinking he wasn't the only one to get scammed. How do you "lock" a hard drive? In the 80's and early 90's you could park a hard drive, but never lock them.
 
No such thing as locked hard drive, provide us with a proper explanation so we can help.
Try take that hardrive and put it into an external case and find and remove the software thats causing it.
 
Do you mean the BIOS is password protected?

After looking at the video, YES, it's a BIOS password. Turn off PC and unplug, pull CMOS battery for a minute or so and replace.

Unless it's a laptop in which case it can get a little more complicated.
 
TJ99 said:
Do you mean the BIOS is password protected?

After looking at the video, YES, it's a BIOS password. Turn off PC and unplug, pull CMOS battery for a minute or so and replace.

Unless it's a laptop in which case it can get a little more complicated.
Click to expand...


+1, this will reset that BIOS password.
 
mouks said:
A client of mine fell victim to a scammer. He was contacted by "Microsoft" and was informed his serial key expired or was invalid. After he gave remote access he was advised to pay +R2000. When he refused, they locked his Hard Drive:mad:

Any know how to remove this password?

I'm busy downloading Hiren’s BootCD and want to try this fix below. The video is a bit unclear.

http://www.youtube.com/watch?v=R1hfKeEvsn4

Worst case scenario. HDD will need to be replaced.
Click to expand...

Yeh they encrypt the entire drive and you need to pay them to unencrypt the data. Google it a bit and there is a guy thats got a website dedicated on how to unencrypt your files again.
 
This just sounds like Malware.

Some random guy called my father in law also claiming his Windows was expired.
He almost gave the guy info but decided to call me first.
Turns out his laptop was in sleep mode and he didn't know how to wake it up by holding the power button in.
He called went to some random fake Microsoft website to report his issue.

I just explained how to wake the laptop.
 
You can password protect certain laptop drives and there is no easy way to remove it.

Had a Toshiba laptop come in from a client a couple years back that a previous employee had password protected. I reckoned it'll be a quick BIOS password reset, turned out the HDD had a password on it.

Even removing the drive and connecting it to a different computer just resulted in an unreadable drive, couldn't format it and Toshiba couldn't remove the password. Ended up just replacing the drive with a new one and chucking the old one.

I'm sure with enough time and the right hardware/software it could've been cracked but it wasn't worth it.
 
There are quite a few password crackers that should be able to deal with this.
Remove the drive and put it in an external casing.
Install a password cracker on a separate pc and let it run as long as is needed.
 
supersunbird said:
They probably encrypted the hard drive, stop being pedantic idiots about "locked"...
Click to expand...

Not reading or watching the video FTW! The OP clearly said the PC won't boot up and the video shows a BIOS lock.

grim said:
You can password protect certain laptop drives and there is no easy way to remove it.

Had a Toshiba laptop come in from a client a couple years back that a previous employee had password protected. I reckoned it'll be a quick BIOS password reset, turned out the HDD had a password on it.

Even removing the drive and connecting it to a different computer just resulted in an unreadable drive, couldn't format it and Toshiba couldn't remove the password. Ended up just replacing the drive with a new one and chucking the old one.

I'm sure with enough time and the right hardware/software it could've been cracked but it wasn't worth it.
Click to expand...

Now that sounds more like an encrypted drive.
 
Under BIOS security there are usually 2 password option. (BIOS can't be accessed)
-User password
-HDD password

Its a HDD password. Removing cmos battery did not help.

DSC_0974.jpg
 
Last edited:
TJ99 said:
Now that sounds more like an encrypted drive.
Click to expand...

Not sure if it was encrypted, you could set the password for the drive in the BIOS separate from the normal BIOS boot password. Nothing would read any file system or partition detail from the drive when connected via either USB or SATA.
 
Remote access relies on an actual network connection.
Bios is outside of any network environment.

Or am I wrong?
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X