A very intriguing ransomware virus been detected by malware researchers. The malware is carrying the name SurveyLocker and has been detected recently in the wild. This interesting idea of locking the screen of the victim PC and asking for the victim to complete a survey is an emerging pattern and is seen in several other viruses as well. Researchers feel convinced that SurveyLocker aims to display the opportunity for victims to fill out a survey which will most likely generate revenue for the cyber-criminals. Users who have become victim of this ransomware virus are advised to read this article thoroughly in order to understand more about SurveyLocker, remove it and hopefully restore your computer back to it’s last known good configuration.
|Short Description||The virus heavily modifies the registry entries of the victim computer allowing it to administratively lock the screen. Unlockable.|
|Symptoms||If you are infected with SurveyLocker you may see a prompt asking you to choose which survey you want to complete in order to get access back to your computer. Getting access back after completing the survey is not guaranteed.|
|Detection Tool|| See If Your System Has Been Affected by SurveyLocker |
Malware Removal Tool
|User Experience||Join our forum to Discuss SurveyLocker Ransomware.|
|Data Recovery Tool||Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.|
How SurveyLocker Infects Computers
SurveyLocker is a lockscreen type of virus, but when it comes to the infection of the unsuspecting users, similar methods to most distribution of Trojans and other malware are being used. This means that there are most likely two causes of infection related to the SurveyLocker threat:
- Attachments and files of malicious character.
- Web links posted on different websites that redirect to malicious hosts.
These type of attacks may result in the successful download of the payload of SurveyLocker which results in a successful infection:
A malware obfuscator may be used for the download of this payload. It usually assists for the obfuscation of the virus from any security software on the user’s computer.
SurveyLocker Ransomware’s Post-Infection Activity
After already having infecting the victim PC, SurveyLocker ransomware may modify some settings affecting the Windows Lock Screen and Windows Screen Saver. This may happen via tinkering with the following subkeys in the Windows Registry Editor:
→ HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveTimeOut
After this has been done, the malware may forcibly restart the computer of the victim under some fake error message pretext or without any notification at all.
After SurveyLocker performs this, the user sees the following screen:
Users are left with nothing but to wonder how to fix their screens and to try and complete surveys, but fortunately researchers have found an unlock code quickly after the malware was released.
Unlock Your Computer and Remove Survey Locker Permanently
In order to fully erase this virus without further complicating the situation, we have presented what you should do methodologically.
The first step is to enter a password on the unlock screen. The password, which the cyber-criminal left in the source code of the virus is the following:
After having entered this password, your screen will unlock. The only action left to do is to take the safest measure and immediately backup your files while offline. After having done this, we urge you to follow the removal instructions below in order to fully remove Survey Locker ransomware from your computer. In case you are having difficulties or are unsure that you will remove all objects associated with Survey Locker, go ahead and install an anti-malware program which will delete every malicious object automatically, experts advise.
Also, on a side note, we strongly advise you to learn how to protect yourself from such malware in the future and how to store your files safely as well.