To do this the malware pops up a screen that looks pretty authentic encouraging you to activate your pirated copy of Windows right now. If you decide not to it will lock up your computer so that the only thing you can do is fill out all the information needed – including your credit card info – in order to unlock your computer.

While their claim that your credit card won’t be charged might be true the fact is that it is automatically sent off to a network of bots set up to collect the information.

The post over at Sunbelt has the complete screen shots of the ransomware in action, including the receiving end as it collects the information.

Ransoming your Windows activation is a post from: winextra
Follow us on Twitter: @WinExtra | Don't forget we're on Facebook as well: WinExtra Fans

Related posts:

1. Windows 7 Search – Start Menu a hidden gem
2. Moving up in the world – migrating from XP to Windows 7
3. Windows 7® is here!… just like everywhere else
4. Pulling the plug on the XP to Windows 7 upgrade argument

There is a new one according to a report from Symantec called Ramvicrype Trojan that well encrypt your files and then when you are search for a fix you find yourself directed to a website that will sell you some software to fix the problem. The search will yield the expected results because of the unique file extension the malware uses on the encrypted files.

Using the file extension – *.vicrypt it takes short order to find the solution but Symantec has published a specific utility program to help any victims hit by this trojan.

Symantec virus researcher Shunichi Imano said in a blog entry that Ramvicrype victims will see some files on the computer with a vicrypt extension.

Entering the term ‘vicrypt’ into a search engine leads us to a company offering a fix, which of course is a charged service. So, there was a reason for that file extension after all.

The security vendor has developed a Symantec Ramvicrype removal tool for victims to decrypt the files.

The one other solution is to make sure you have a current image file of your system and then restore if hit by crippling malware such as this one.

hat tip to the Security Bytes team.

A nasty ransomware trojan making the rounds is a post from: winextra
Follow us on Twitter: @WinExtra | Don't forget we're on Facebook as well: WinExtra Fans

Related posts:

1. Search for news on wildfires could land you a trojan
2. System Restore and malware – a piece of advise
3. Software Review: Unlocker
4. Easeus Partition Manager