Serious Help needed

roddyp · Mar 16, 2011

One of my users this morning decided to download and install a crack. none then less, Chaos has ensued...

As he rebooted, his Machine lockup and a big red banner appeared saying something like "19 of your files have been held for evidence and your PC has been locked" Call this number to have it unlocked. 02something(he cant remeber). He then had to punch in a number 5*102# to get an unlock code. He did this, received a code and the machine unlocked once he typed this in.

Unfortunately he starts work at about 4am, so all of this happened before i could check it out.

Does anyone have any idea what the hell just happened. I know its a scam of some sort, but i need to make sure my network is clean and this won't effect other operations......

Any ideas?

Mars · Mar 16, 2011

roddyp said:
One of my users this morning decided to download and install a crack. none then less, Chaos has ensued...

As he rebooted, his Machine lockup and a big red banner appeared saying something like "19 of your files have been held for evidence and your PC has been locked" Call this number to have it unlocked. 02something(he cant remeber). He then had to punch in a number 5*102# to get an unlock code. He did this, received a code and the machine unlocked once he typed this in.

Unfortunately he starts work at about 4am, so all of this happened before i could check it out.

Does anyone have any idea what the hell just happened. I know its a scam of some sort, but i need to make sure my network is clean and this won't effect other operations......

Any ideas?

Well, I would drag him outside and flog him.
Or perhaps knock him out and have "I am a moron" tatoo'd on his forehead..

Duno if any of that's legal tho.

roddyp · Mar 16, 2011

found some help from here. Just in case someone else ends up with kak i have

http://forums.majorgeeks.com/showthread.php?t=139681

p.s. Have already flogged and tatoo'd user

LazyLion · Mar 16, 2011

I would remove that drive completely out of that computer and scan it in another clean computer!

Don't take any chances.

Oculate · Mar 16, 2011

roddyp said:
found some help from here. Just in case someone else ends up with kak i have

http://forums.majorgeeks.com/showthread.php?t=139681

p.s. Have already flogged and tatoo'd user

So it was malware/spyware?

biena · Mar 16, 2011

Probably got a nice fat charge added onto the phone bill by punching in those numbers.

LazyLion · Mar 16, 2011

and unless you do a full scan on that drive, the infection will re-occur, other computers will be infected, maybe even your entire network. That PC should be quarantined.

gregmcc · Mar 16, 2011

Format and reinstall. The only way to be sure. Then slap the stupid user!

Odly · Mar 17, 2011

It depends what the crack is, check his history or find what the .exe was called, if you can get hold of it you can scan it and see what it was. There is no reason for that type of behaviour, even from a legit company trying to bust pirates etc. So it was probably a scam, something that charged hectic fee for the call. Or something capturing data for another reason.

Venomous · Mar 17, 2011

Garyvdh said:
and unless you do a full scan on that drive, the infection will re-occur, other computers will be infected, maybe even your entire network. That PC should be quarantined.

Yip that's very possible OP.

Join the MyBroadband community

Get started

Serious Help needed

roddyp

Well-Known Member

Mars

Honorary Master

roddyp

Well-Known Member

LazyLion

King of de Jungle

Oculate

Honorary Master

biena

Executive Member

LazyLion

King of de Jungle

gregmcc

Honorary Master

Odly

Senior Member

Venomous

Honorary Master