One of the most familiar to ordinary users of the virus is winlocker. Its feature is its focus on the Windows operating system. When infected, a large window or banner will hang on the computer screen, the contents of which may vary, but the essence boils down to one thing - to receive money from the user. What is a winlocker and what to do in a collision with it will be discussed in this article.
Story
The first cases of infection with this virus began to be recorded in 2007. However, by 2012, it was replaced by more advanced encryption trojans. It is quite difficult for an ordinary user to get rid of it, because this will require specialized knowledge.
On the part of the winlocker, it has the form of a window in which it is proposed to receive a service (download a file, program, read an article) by simply sending SMS to the specified number (funds are also charged for this). After sending, the user will allegedly receive an activation code that will unlock the computer.
Developmental stages
Initially, the definition of what a winlocker was was a trojan that replaces the host file and closes access for further editing. This led to the fact that when trying to visit a certain site, an automatic transition to the fake page created by the author of the virus occurred. As a result, the user blocked the desktop, on which a banner with joking content was displayed. Any novice hacker can know how to make this kind of winlocker - due to the simplicity of the procedure.
After that, banners with indecent content appeared, which were fixed in the browser and had no effect on anything else.
Soon, this method developed, and the banner was able to close the desktop and task manager. As a rule, experienced users could easily solve the problem.
The latest versions of Winlockers are launched before the system boots up, thereby leaving ordinary users a chance to cope with the problem.
Download winlocker builder is quite simple. Usually it’s enough to visit several pages on the Internet that contain various files and programs for free download. In some cases, just clicking on a random banner is enough to provoke the download of this virus and its installation.
How does it work
The principle of operation is quite simple, and familiarization with it will help to know what a winlocker is. After loading, it will automatically start and register at startup. After rebooting, the banner will appear on the desktop. Switching it off by standard means is impossible, since the usual key combinations are blocked. Recent versions of the threat can infect the system even when working in safe mode. When you try to send SMS to the specified number, the chance of receiving a code is very low. There are few options for winlockers that self-destruct after entering the received code. For inexperienced users, the best solution would be to seek outside help. At the same time, reinstalling the system can always help (if the skills allow this).
Prevention
To minimize the chances of becoming infected with such a virus, you should follow some simple rules:
- Work in the system with an account with limited rights.
- For the administrator account, set a complex password.
- Have a medium from which, if necessary, you can reinstall the system.
- Create recovery points at least once a month.
- Open suspicious files in a virtual machine (VirtualBox).
- Make a backup to an external device.
The described threat is quite dangerous, and getting rid of it yourself, even if you know what Winlocker is, is almost impossible. You should take into account all the rules of behavior described above in order not to face this threat, as well as install an antivirus, since most of them help to deal with the danger by simply preventing it from changing system files.