SurveyLocker Virus – Remove and Unlock Your PC - How to, Technology and PC Security Forum | SensorsTechForum.com
THREAT REMOVAL

SurveyLocker Virus – Remove and Unlock Your PC

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by SurveyLocker and other threats.
Threats such as SurveyLocker may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

computer-virus-stforumA very intriguing ransomware virus been detected by malware researchers. The malware is carrying the name SurveyLocker and has been detected recently in the wild. This interesting idea of locking the screen of the victim PC and asking for the victim to complete a survey is an emerging pattern and is seen in several other viruses as well. Researchers feel convinced that SurveyLocker aims to display the opportunity for victims to fill out a survey which will most likely generate revenue for the cyber-criminals. Users who have become victim of this ransomware virus are advised to read this article thoroughly in order to understand more about SurveyLocker, remove it and hopefully restore your computer back to it’s last known good configuration.

Threat Summary

Name

SurveyLocker

TypeLockscreen Ransomware
Short DescriptionThe virus heavily modifies the registry entries of the victim computer allowing it to administratively lock the screen. Unlockable.
SymptomsIf you are infected with SurveyLocker you may see a prompt asking you to choose which survey you want to complete in order to get access back to your computer. Getting access back after completing the survey is not guaranteed.
Distribution MethodVia an Exploit kit, Dll file attack, malicious JavaScript or a drive-by download of the malware itself in an obfuscated manner.
Detection Tool See If Your System Has Been Affected by SurveyLocker

Download

Malware Removal Tool

User ExperienceJoin our forum to Discuss SurveyLocker Ransomware.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

How SurveyLocker Infects Computers

SurveyLocker is a lockscreen type of virus, but when it comes to the infection of the unsuspecting users, similar methods to most distribution of Trojans and other malware are being used. This means that there are most likely two causes of infection related to the SurveyLocker threat:

  • Attachments and files of malicious character.
  • Web links posted on different websites that redirect to malicious hosts.

These two types of distribution methods may exist in different forms. One of those forms is to spread attachments via e-mail spam. This form is the most common when it comes to lockscreen ransom viruses. It is not clear whether this is the case but it is most likely done via distribution malware, such as Trojans, exploit kits and malicious scripts in macros or JavaScript attacks. The other potential scenario is to cause an infection by posting what seems to be a clean* URL but causes a redirect after some time to the malicious host after which the infection is performed.

These type of attacks may result in the successful download of the payload of SurveyLocker which results in a successful infection:

survey-locker-ransowmare-payload-malware-sensorstechforum

A malware obfuscator may be used for the download of this payload. It usually assists for the obfuscation of the virus from any security software on the user’s computer.

SurveyLocker Ransomware’s Post-Infection Activity

After already having infecting the victim PC, SurveyLocker ransomware may modify some settings affecting the Windows Lock Screen and Windows Screen Saver. This may happen via tinkering with the following subkeys in the Windows Registry Editor:

→ HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveTimeOut
HKEY_CURRENT_USER\Control Panel\Desktop\
HKEY_LOCAL_ MACHINE\SOFTWARE\Policies\Microsoft\Windows\System

After this has been done, the malware may forcibly restart the computer of the victim under some fake error message pretext or without any notification at all.

After SurveyLocker performs this, the user sees the following screen:

survey-locker-ransomware-display-lockscreen-sensorstechforumImage Source: Karsten Hahn / @struppigel (Twitter)

Users are left with nothing but to wonder how to fix their screens and to try and complete surveys, but fortunately researchers have found an unlock code quickly after the malware was released.

Unlock Your Computer and Remove Survey Locker Permanently

In order to fully erase this virus without further complicating the situation, we have presented what you should do methodologically.

The first step is to enter a password on the unlock screen. The password, which the cyber-criminal left in the source code of the virus is the following:

hurr durr

After having entered this password, your screen will unlock. The only action left to do is to take the safest measure and immediately backup your files while offline. After having done this, we urge you to follow the removal instructions below in order to fully remove Survey Locker ransomware from your computer. In case you are having difficulties or are unsure that you will remove all objects associated with Survey Locker, go ahead and install an anti-malware program which will delete every malicious object automatically, experts advise.

Also, on a side note, we strongly advise you to learn how to protect yourself from such malware in the future and how to store your files safely as well.

Note! Your computer system may be affected by SurveyLocker and other threats.
Scan Your PC with SpyHunter
SpyHunter is a powerful malware removal tool designed to help users with in-depth system security analysis, detection and removal of threats such as SurveyLocker.
Keep in mind, that SpyHunter’s scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware removal tool to remove the malware threats. Read our SpyHunter 5 review. Click on the corresponding links to check SpyHunter’s EULA, Privacy Policy and Threat Assessment Criteria.

To remove SurveyLocker follow these steps:

1. Boot Your PC In Safe Mode to isolate and remove SurveyLocker files and objects
2. Find files created by SurveyLocker on your PC

Use SpyHunter to scan for malware and unwanted programs

3. Scan for malware and unwanted programs with SpyHunter Anti-Malware Tool
4. Try to Restore files encrypted by SurveyLocker

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...