7/18/2013

How to Unlocked Australian Communications and Media Authority (ACMA) Virus

This is a letter from an Australian, who had stated that: “I need help! When I open my computer this morning, the situation has shocked me, for my screen is totally covered with the alert message which claims that “You computer has been locked”. And I find that I cannot access into my normal desktop, and all of my processes have stopped. In the message, it tells me that I have to pay a fine to unblock my computer. I really confused, and I have no idea. Any advice will appreciate.

Australian Communications and Media Authority (ACMA) Virus Description


Australian Communications and Media Authority (ACMA) Virus is a dangerous ransomware. I thought many users had the same experience that we were familiar with the AFP virus, but had no knowledge on the Australian Communications and Media Authority (ACMA) Virus. In this case, we all need to know that Australian Communications and Media Authority (ACMA) Virus is the update version of the AFP virus, and this virus contains the AFP virus’ traits, which can lock down the target computer, and show fake warning message, and etc. in addition, this virus will cause more issues on the attacked computers.

The first thing is that this virus can block the compromised computer completely, and terminal all of processes in the task manager. Therefore, you cannot access into your desktop, and you cannot access to your internet, too. And your antivirus has also stopped working, so you cannot remove this virus by the antivirus program.

The second thing is that this virus will display scam warning message. When you open your computer, the alert message keeps pop-ups, and you cannot minimize the window of this warning. The alert message claims that “your computer has been locked” by Australian Communications and Media Authority (ACMA), for you have violated of copyright law, and you have performed some illegal activities on your computer therefore your PC have been locked. To unblock your computer, and to avoid arresting by Australian Communications and Media Authority (ACMA), you just need to pay a fine which is $ 100 dollar. If you do not pay the fine within 72 hours, you will be arrested by the local Australian Police, for the “Australian Communications and Media Authority (ACMA)” has recorded your IP address and location. Many victims have to pay this fine, for they are afraid to be in jail. Please ignore this message, for this a fake message. You can realize that the real Australian Communications and Media Authority (ACMA) will never send this message by the network. Besides, it asks you to pay the fine via Ukash which is a prepaid card which is hacked by the hackers, in that case, victims cannot trace the money and have no way to get their money back if you pay for it.

The most dangerous thing is that this virus can enter into the target computer without your knowledge. It can sneak into the system through clicking malicious links or unsafe advertising pop-ups, visiting illicit website or installing freeware, or downloading attachment from spam emails

You can see the following text if your computer is infected by the by Australian Communications and Media Authority (ACMA) virus.


Attention!
Your computer has been blocked for safety reasons listed below.

You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of Commonwealth of Australia criminal law.

Article 161 of Commonwealth of Australia criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years.

Also, you are suspected of violation of "Copyright and Related rights Law" (downloading of pirated music, video, warez) and of use use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of Commonwealth of Australia Criminal Law.

Article 148 of Commonwealth of Australia criminal law provides for the punishment of deprivation of liberty for terms from 3 to 7 years or 150 to 550 basic amounts fine.

Australian Communications and Media Authority (ACMA)
AFP. Crime Commission (ACC)
Royal Australian Corps of Military Police
Interpol


The screenshot of Australian Communications and Media Authority (ACMA) Virus



The disadvantages and risks of Australian Communications and Media Authority (ACMA) Virus


A.     Communications and Media Authority (ACMA) Virus can block your system completely.
B.      Communications and Media Authority (ACMA) Virus will unable your desktop, and stop most of processes.
C.      Communications and Media Authority (ACMA) Virus displays fake warning message, and pop-ups.
D.     Communications and Media Authority (ACMA) Virus will steal your important data.
E.      Communications and Media Authority (ACMA) Virus will cheat your money and you cannot get your money back.

Why doesn't antivirus software help?


It seems that the producers of Communications and Media Authority (ACMA) Virus have much experience to deal with all kinds of legit security software. Communications and Media Authority (ACMA) Virus is made to escape the detection so it is not surprising that you are hit by this nasty virus even though you have installed antivirus software in your computer. Then how to remove this virus since your security software won't help? You can carry out some manual instructions to make sure it’s permanently gone off your computer.


The steps to get rid of Communications and Media Authority (ACMA) Virus from computer


Situation one: your PC can log in the safe mode with networking

Steps 1. Get into the safe mode with networking



Steps 2. Press Ctrl+Alt+Del keys together and stop Communications and Media Authority (ACMA) Virus processes in the Windows Task Manager.


Steps 3. Open the Registry Editor, search for and delete these Registry Entries created by Communications and Media Authority (ACMA) Virus.


HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{B406C3AE-7A9B-57C0-C524-0017FDB3E193}\
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{B406C3AE-7A9B-57C0-C524-0017FDB3E193}\INPROCSERVER32\
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{B406C3AE-7A9B-57C0-C524-0017FDB3E193}\PROGID\
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\PROXYSTUBCLSID\
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\PROXYSTUBCLSID32\
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\TYPELIB\
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}\

Step 4. Detect and remove Communications and Media Authority (ACMA) Virus associated files listed below:

    %ALLUSERSPROFILE%\Application Data\safee save\51e793e2dc734.dll
    %TEMP%\7zS8.tmp\l64vjhq@[Domain Removed]\bootstrap.js
    %TEMP%\7zS8.tmp\l64vjhq@[Domain Removed]\chrome.manifest
    %USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
    %TEMP%\7zS8.tmp\l64vjhq@[Domain Removed]\install.rdf
    %ALLUSERSPROFILE%\Start Menu\Programs\safee save\safee save.lnk
    %TEMP%\7zS8.tmp\l64vjhq@[Domain Removed]\content\bg.js
    %ALLUSERSPROFILE%\Application Data\safee save\51e793e2dc734.tlb
%TEMP%\7zS8.tmp\settings.ini

Situation two: your PC cannot log in the safe mode with networking, please choose safe mode with command prompt.

Steps 1. Get into the safe mode with command prompt.

<Restart your computer. As your computer restarts but before Windows launches, tap "F8" key constantly. Use the arrow keys to highlight the "Safe Mode with command prompt" option, and then press ENTER>.
Steps 2. Create a new account.
Click Start and click Control Panel> Click User Accounts and Family Safety>Under User Accounts, click Add or remove user accounts>Click Create a new account>Type in the account name. Select the account type: Administrator>Click Create Account.
Steps 3. Restart your PC and log in the new account

Steps 4 to delete associated files listed and Registry
(It is the same as the situation one)

Situation three: Cannot log into any mode.

To choose the option of Repair your PC

<Restart your computer. As your computer restarts but before Windows launches, tap "F8" key constantly. Use the arrow keys to highlight the “Repair your PC" option, and then press ENTER>

Approach two:  Communications and Media Authority (ACMA) Virus Automatically with Removal Software (Highly Recommended)


Free Download Quick Malware Removal Tool Here!


http://www.pcresolvers.com/spyhunter.php

Steps to install removal tool on PC:

1. When you have finished downloading, please double-click on the .exe icon on your desktop.





2. Please allow it to run when Windows prompts you as to whether or not you wish to run removal tool.

3. Follow the Command Prompts shown the screen to finish the installing.



4. Start scanning your system after installing.

5. Clear up all detected items by clicking remove button.



Note: Even though it is possible to manually remove Communications and Media Authority (ACMA) Virus by yourself, such activity can permanently damage your system if any mistake is made in the process as advanced spyware viruses are able to automatically repair them if not completely deleted. Thus, manual spyware removal is recommended for skilled users only, such as IT experts or highly qualified system administrators. Please download famous removal tool here for help.


No comments:

Post a Comment