This time, Reveton does not ask for money to unlock the infected computer's desktop - in fact, it doesn't lock it at all. What it does is downloads and runs a fake AV variant - Live Security Professional - and tries to trick users into believing their computer is chock full of malware and urges them to sign up for protection (click on the screenshot to enlarge it):
The malware assures its persistence by creating a registry entry to allow itself to automatically execute whenever the system restarts, and so the user is constantly bombarded with pop-ups warning about the infections.
Users who fall for this scheme don't just lose a considerable amount of money, but are also lulled into a false sense of security.
According to ThreatTrack's Chris Boyd, this particular Reveton variant is being distributed via compromised websites hosting the Sweet Orange exploit kit.