[TIP] Lock My PC Used By Tech Support Scammers, Dev Offers Free Recovery

Porthos

Tech Support scammers are using a free utility called Lock My PC to lock users out of their PCs unless they pay the requested "support" fees.

For years telephone scammers pretending to be from Microsoft, Google, and other companies have been convincing people to let them access their computer to fix a "detected" issue. Once the scammers gain access to the computer, though, they would use the Windows Syskey program to lock the user out of Windows with a password unless they paid for the "support" call.

[Image: Computer locked with Syskey]

With the release of Windows 10 1709, otherwise known as the Fall Creators Update, Microsoft removed all support for Syskey from the operating system.

With Syskey no longer being available, tech support scammers have switched to another product called Lock My PC to lock victims out of Windows.

When installed, Lock My PC will require a user to enter a password before they can gain access to Windows. When used to lock a PC, users will see an animated 'Locked' screen when they start their computer.

[Image: Lock My PC screen]

If they press any button on the keyboard, a password prompt dialog would be shown stating "The computer has been locked".

Unlike Syskey, which encrypts the Windows SAM database and uses the inputted password to decrypt it, Lock My PC does not encrypt anything and only blocks access to the computer with the password.

Unfortunately, in our tests, the software also runs in Safe Mode, which makes it difficult to disable without the password or bootable recovery tools.

These tools, though, can be difficult to use for those who are affected by this scam.

Lock My PC dev offers free recovery keys
When FSPro Labs, the developers of Lock My PC, discovered that their free software was being abused, they no longer made the software publicly available for download.

"After receiving too many reports of Lock My PC misuse, we decided to make our user access control software unavailable for the public. However, the programs are still available for our existing customers on requests. New customers may request Lock My PC business edition only using their corporate email address," FSPro Labs stated on the product's download page.

For users who fell victim to one of these scams and have had Lock My PC installed on their computer, FSPro is offering free recovery passwords that will allow users to unlock their PC.

To get access to a recovery password, at the Lock My PC password prompt enter '999901111' and a numeric recovery code will appear under the password field.

[Image: Getting a recovery code]

Victims can input this code on the Lock My PC recovery page to receive a recovery password that can be entered into the password field to unlock the PC.

Users can then uninstall the Lock My PC program from their computer.
 
Does it say how users are supposed to access the 'Lock My PC recovery page' if they can't start their computer? :rolleyes:
 
On their smart phone, no doubt. Kids are born with them these days.

Or another computer. How many people don't know someone, most likely their next door neighbors, who don't have a computer and who wouldn't allow a "hop on" in a circumstance like that?

I'm endlessly amazed how often, on the end-user support groups, the question, "How am I supposed to get back on my computer when . . .?" comes up. My response is, you aren't, until you've gone to another computer and followed the instructions given to get the tools needed to get back on your own. This just seems so obvious to me. No different than, "My car won't start," where someone helps to diagnose the problem, suggests what parts to get, etc. You virtually never see someone say, "But how am I supposed to get to the store to get those parts?"
 
I wish I had known this last week. I had an older customer come in last week with a Windows 7 computer which encountered the lock screen and phone call.
 
I actually posted this for US to be able to fix when someone calls and brings us the computer.
a Windows 7 computer
That was probably done the old way with Syskey. The new versions of Win 10 do not have Syskey, so they are using this free program to accomplish the same.

I still believe a nuke is the only way to be truly sure the scammers did nothing else while they were connected. With asking the victim to change all their passwords.
 