Tuesday, December 25, 2012

Cybercrime Investigation Department virus – How to Make Computer Functional after Lock up?

Recently there are too many ransomware which is what we called lockout virus that makes people take it for granted. Thus resulting in severe condition that the fake message pops up even in safe mode! Here are the screenshots of Canadian Cybercrime Investigation Department virus:
English version:

French version:

For those who with strong protection that do not get the above shown picture in safe mode get disappointed as well. 

Your request to remove the Ukash virus with the assistance from Antivirus program falls on deaf ears Your webcam is taken control of even if you aren’t connected to the internet. Situation turns out to be creepy when you are warned that you are being monitored using visual and auditory means, and if you don't pay Cad 100 within 72 hours they will start criminal proceedings (a two – to – eight – year imprisonment).

If it were your day, you were going to turn back as an administrator within 1 – 72 hours. Yet, seldom people get that luck. Please do not fall into the trap even if you have viewed or distributed prohibited Pornographic content (Child Porn/Zoofilia and etc.) since none of authorities would collect ransom by locking up people’s computer.

Still, there were cases that any scanning software, msconfig, regedit, iexplore or any other utility program cannot be executed; Software hive got blocked by the file is in use message. What are you waiting for? Go and rescue your machine by following the steps below trawled through by Tee Support technicians 24/7 online. Should there be any unexpected scene coming up, you are welcome to get professional help by starting a live chat here.

Steps Show You How to Stop Webcam Stream and Unlock Your Computer

Disable Webcam

Stop your webcam stream against Cybercrime Investigation Department virus by denying flash.
Step:  right click on the video broadcast interface to select ‘settings’. You’ll get the little window popped up as shown below:

Then tick ‘Deny’

Unlock Computer

Step1:Reboot your computer and log into Safe Mode with Networking.

As the computer is booting but before Windows launches, tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to highlight "Safe Mode with Networking" option and press Enter key.


Step2: Launch msconfig. and disable startup items rundll32 

 Click "start" —> put msconfig. in "search box" —> press Enter —> disable rundll32



Step3: Reboot your system one more time and enter into Safe Mode with Networking.

Step4: Run regedit. Search for Winlogon.

Click "start" —> put regedit in "search box" —> press Enter —> press and hold Ctrl+F to search for Winlogon

Step5:There will be a key labeled Shell in the right pane. It should reference Explorer.exe or be blank. If not, right click it and replace it with explorer.exe.

Note: if you cannot load explorer.exe, and cannot see Windows Task Manager or desktop, follow the steps below:

1. start explorer.exe

a) Press "Alt+Ctrl+Del".
b) Click "Task manager"
c) Click "New Task".


 d) Type "explorer.exe" and press "Ok"

Now explorer.exe will load and you can see your Desktop and all your files .

Step6: Save changes, reboot to safe mode with networking.
Step7: Run msconfig and disable all unnecessary startup entries.

a) Related files and folders

[random].exe in hard drive
%Documents and Settings%\All Users\Desktop\Cybercrime Investigation Department.lnk

b) Associated registry entries

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[random].exe” /START “%Program Files%\Mozilla Firefox\firefox.exe”‘
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[random].exe” /START “%Program Files%\Mozilla Firefox\firefox.exe” -safe-mode’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[random].exe” /START “%Program Files%\Internet Explorer\iexplore.exe”


Detailed Video Shows How to Unlock Your PC

Note: if you have blank page in safe mode with networking, unable to access to the Internet or get the fake page pop up in safe mode, the situation is much more tough than you can imagine, but you can always find professional help from Tee Support experts 24/7 ready to help.

No comments:

Post a Comment