i was victim of scammers they have locked my laptop

April 12, 2017 at 12:55:51
Specs: Windows 10
hi my acer travel/mate laptop has been locked wanting password to start after themicrosoft scam iv tried to reload from different date evan tried to go bk to earlyier windows at mo I'm on windows 10 but its saying theres no earlier windows on system any help please would be wonderfull

See More: i was victim of scammers they have locked my laptop

Report •

#1
April 12, 2017 at 16:05:53
Please be more specific about the problem. Did you fall for the telephone scam? What exactly is on the screen? Is it THIS?

If that's the problem, go to the site below & scroll down to "How to disable Syskey startup password" & follow the instructions:

http://www.computernetworkingnotes....

message edited by riider


Report •

#2
April 12, 2017 at 23:12:37
Try running this, I've given you 2 methods.

Dr.Web CureIt, you can download a file with a random name to bypass malicious software that blocks security software from starting.
http://free.drweb.com/cureit/
Note: The file will be randomly named (example > 5mkuvc4z.exe).

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".
Scan with Dr.Web CureIt as follows:
Double-click on the randomly named file to open the program and click Start. (There is no need to update if you just downloaded the most current version
Read the anti-virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.
The Express scan will automatically begin.
(This is a short scan of files currently running in memory, boot sectors, and targeted folders).
If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.
If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)
After the Express Scan is finished, put a check next to Complete scan to scan all local disks and removable media.
In the top menu, click Settings > Change settings, and uncheck "Heuristic analysis" under the "Scanning" tab, then click Apply, Ok.
Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.
Please be patient as this scan could take a long time to complete.
When the scan has finished, a message will be displayed at the bottom indicating if any viruses were found.
Click Select All, then choose Cure > Move incurable.
In the top menu, click file and choose save report list.
Save the DrWeb.csv report to your desktop.
Exit Dr.Web Cureit when done.
Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

Another way.

When first launched, Dr.Web CureIt loads in Enhanced Protection Mode (EPM).
For this mode, at the warning: To continue working in the EPM...(recommended), press > OK.

EPM allows the program to operate even if malicious programs block access to Windows.
All four corners of the Desktop show > Dr.Web CureIt - Enhanced Protection Mode.
Functions of the Operating System are not accessible until the scan completes.

At the License and Updates window, check the box to Agree.

Only when an update is needed, the License and Updates window displays a notification.
To update Dr.Web CureIt!!, click > Update the program
At he Dr.Web CureIt! official website you can download the latest virus definitions and/or version of the program.
If needed, click > Select objects for scanning. Here you can specify which drives or files and directories to scan.

Next, click > Continue

At the Scan Mode window, press > Start Scanning

An Express Scan window appears where Dr.Web CureIt! displays general information on its progress and lists detected threats.
This scan may take a while depending on the number of drives or directories, so please be patient.

When the scan is done, a Scanning Completed window appears.
If viruses or other threats are identified, press > Neutralize.
(Note: If you need to apply a different action to a threat, click the Action for it, and select whether to Cure, Move or Delete.)
When Neutralize is selected, a window appears with the neutralizing progress.

A Curing Completed window shows when the threats are neutralized successfully.
Close the window to return to the Desktop.
Also, restart the computer so files in use can be moved or deleted.
When back in Windows, search for the CureIt log:

Press Start, and in the Search programs and files area, type in (or copy/paste) the following: %USERPROFILE%\Doctor Web
When the Doctor Web folder appears in the search area, open the folder, and then open the CureIt log.

Please post the CureIt.log in your reply.

message edited by Johnw


Report •

#3
April 13, 2017 at 14:05:56
It it is the screen riider asked about then you were sys keyed. I am not really sure how to get around a sys key. I get these call's all the time. I never fall for them. I actually play along with them I pretend like I am scared then when I get to the part where they asked for my credit card info I tell them I know there are a scammer. Oh and they get so mad. I used a old laptop once and let them in. The idiot used a sys key. He was so mad when I told him. I had a backup of my OS on an external drive with Acronis True Image a backup program. I feel like the more of there time I waste the less people they scam. There are people on youtube called scam baiters. My favorite one https://www.youtube.com/user/Lewiss...
I think there is a way to get around the syskey. Usually they do not syskey unless you make them mad. And I think there are more destructive ways than syskey like rd c:/s /q

message edited by ChristopherTGarrett


Report •
Related Solutions


Ask Question