9/06/2013

How to Unblock/Stop Interpol Department of Cybercrime Ransomware Virus (Fake Interpol Virus, Interpol Trojan)

PreciseExpression of Interpol Department of Cybercrime Ransomware Virus


Reiterate that Interpol Department of Cybercrime Ransomware Virus also calls Interpol virus, fake Interpol virus, it is not a term to state the decent organizations. Actually, it is an aggressive ransomware wears a mask of Interpol Department of Cybercrime and then exploits this real agency as an agent to execute its behaviors. In some degree, you can say that, this infection is a group of MoneyPak virus, FBI virus, Department of Justice virus, U.S. Department of Homeland Security virus and NSA Internet Surveillance Program Virus.

Masquerading as the Logo of Interpol Department of Cybercrime, Perform Fake and Dangerous Actions


In name of Interpol Department of Cybercrime, Interpol virus target computer users from European and American countries, for those people are familiar with this institute well, by Masquerading of the logo of  Interpol Department of Cybercrime, this scam will achieve the effect to threaten users and take them into the trap made by this virus.

First of all, this fake program can lock down the compromised system, and disable users to access the normal desktop, and stop all the task managers at the same time. As a matter offact, once infected this ransomware, users just get a locked screen shown after launching their machines and they cannot able to move their mouse and tap any key, for this virus screen has been flood with the entire desktop, there is no cancel or close button to shut it down. In this sense, attackers will respectively get the listed modes disabled: safe mode, safe mode with networking, safe mode with command prompt, last known good configuration, system repair and so on after pressing F8 key. Infected computers will restart itself if users select the ‘Windows Advanced Options’ and the locked down screen appear automatically.

Second, users will see a several words sent by “Interpol Department of Cybercrime”, which claims that your computer has been locked for you have violated the law such as downloading or distributing video, music, and software against copyright and related rights laws. To unlock their computers users are asked to find a penalty fine via payment system like UKash, or Playsafecard. And to make users suspect their computer was locked by the local police, and threaten users for prosecution and imprisonment if they don’t pay the fee in the limited day (1- 72 hours). Below are the some of the language used in this virus:

“Interpol

Department of cybercrime

Attention! Your PC is blocked due to at least one of the reasons specified below

You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article 128 of the Criminal Code of Great Britain. Article 128 of the Criminal Code provides for a fine of two to five hundred minimal wages or a deprivation of liberty for two to eight years.

You have been viewing or distributing prohibited Pornographic content (Child Porno/Zoofilia and etc.). Thus violating article 202 of the Criminal Code of Great Britain. Article 202 of the Criminal Code provides for a deprivation of liberty for four to twelve years.

Illegal access to computer data has been initiated from your PC, or you have been…

Article 208 of the Criminal Code provides for a fine of up to 100000 Euro and/or a deprivation of liberty for four to nine years.”

Please notice that the warning message from locked screen is FAKE! No matter where it claims to come from. Interpol Department of Cybercrime program is a scam and is one of ukash virus according to the broad mass.


Screenshot of Interpol Department of Cybercrime Virus

 



Residual Damages from Interpol Department of Cybercrime Ransomware Virus


A, this program can install on the target computers without asking prompting.

B, It will block the installed computer system and prevent computer user from accessing the internet, and disable them navigate through their operating system.

C, Interpol Department of Cybercrime Ransomware virus display fake warning message in the name of local institute, and scare victims computer crime prosecution section department will prosecute the user for violating the law.

D, this infection has capable of hijacking default homepage, redirecting to other malicious sites after altering internet browser settings.

E, it will bring other forms of malware such as adware and spyware on the infected computers.

F, this threat is Trojan supportive.

G, if users pay a fine via the UKash, or Playsafecard, the privacy data inputted in the form during payment may hijack by the cyber crooks who want to swindle money from victims by promoting this scam.

H, Computer is choppy, sluggish, sometimes crash.

Manual Interpol Department of Cybercrime Ransomware Virus Removal Guide


Situation one, infected computers can log on safe mode with networking.


Method one, please restart your computers and then press F8 key continuously and choose safe mode with networking.

Method two, Close all running processes. Before you end its relevant malicious processes shown as below, please make certain you have saved and close all the running files or any other applications first.

Method three, Get rid of the related files infected:
%Windir%\temp\random.exe
%Windir%\Temp\random
HKLM|HKCU]\SOFTWARE\Microsoft\Windows

Method four, To remove the created registry as follows: 


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Inspector %AppData%\random.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0

HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\UID [rnd]


Situation two, machines may log on safe mode with command prompt.

1, please restart your computers and then press F8 key continuously and choose safe mode with command prompt.
2, the next steps will be same as the situation one.

Situation three, the attacked computers unable to log on the any mode, please choose the option "repair your computer"

Important Step: Removal Interpol Department of Cybercrime Ransomware by using SpyHunter Anti-Spyware 
1: Click the below download icon to download SpyHunter.

http://www.pcresolvers.com/spyhunter.php

2: Follow the directions and to finish the installation of SpyHunter.






3: Click on the Scan Now button to scan your PC.

4: select all detected items and then remove them.


Given by above post, Interpol Department of Cybercrime Ransomware is a Trojan supportive grogram. It is made by cyber criminals who want to steal money from attackers who are unaware of this is a scam. Once installed this virus, the infected system will be locked down and disable to access to the desktop and get a virus screen. You are asked to pay a fine to unblock your system, or you will be put into jail by local police. Please notice that is a scam, and ignore all the alert statement. You need to hurry up to unblock your computer as soon as possible before this program introduces more viruses into the computers.

No comments:

Post a Comment