Tuesday, March 19, 2013

How to Remove U.S. Department of Homeland Security Virus

Your computer has been locked by a security alert titled with “U.S. Department of Homeland Security (National Cyber Security Division) THIS COMPUTER HAS BEEN BLOCKED"? How to remove U.S. Department of Homeland Security virus scam and get your computer unlocked?

US Department of homeland Security Homeland Security National Cyber Security Division THIS COMPUTER HAS BEEN BLOCKED
The work of your computer has been suspended on the grounds of the violation of the law of the United States of America. Article 164. Pornography involving children. Article 171. Copyright. Article 113. The use of unlicensed software. To unlock the computer you are obliged to pay a fine of $300. You must pay the fine through MoneyPak. You have 48 hours to pay the fine. If the fine has not been paid, you will become the subject of criminal prosecution with ought the right to pay the fine. The Department for the Fight Against Cyber activity will confiscate your computer and that You to Court.



U.S. Department of Homeland Security virus is an extremely dangerous ransomware designed to lock up users’ computer and ask for $300 fine. In fact, you don’t violate any laws and you are not obliged to pay the $300. If you see your computer has been locked by U.S. Department of Homeland Security virus, don’t be fooled. All you need to do is to remove U.S. Department of Homeland Security virus completely to get back a clean system. U.S. Department of Homeland Security virus drops random infected files in the system and allows its execution whenever you start the infected machine. And it aggressively damages many system components, leading to failure to perform normal tasks. U.S. Department of Homeland Security virus would manage to block you from accessing safe mode with networking as well. Removing U.S. Department of Homeland Security virus by anti-virus programs is really not a good idea, for U.S. Department of Homeland Security virus has multiple characteristics and conceals its existence cunningly. Luckily we can still delete U.S. Department of Homeland Security virus by following the manual removal guide.

U.S. Department of Homeland Security Virus Removal Guide



1) Boot your computer into safe mode with command prompt. To perform this procedure, please restart your computer. -> As your computer restarts but before Windows launches, tap “F8″ key constantly. -> Use the arrow keys to highlight the “safe mode with command prompt” option and then press ENTER. -> If you don’t get the safe mode with command prompt option, please restart the computer again and keep tapping “F8″ key immediately.

2) Remove random processes.

 Random.exe

3) Show hidden files. Open Folder Options by clicking the Start button , clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options. Click the View tab. Under Advanced settings, click Show hidden files and folders, and then click OK.

4) Check the following directories and remove associated files:

%AppData%\[random].exe

%ProgramFiles%\LP\[random].tmp

%ProgramFiles%\LP\[random].exe

%Windows%\system32\[random].exe

%System%\drivers\[RANDOM CHARACTERS].sys

5) Open Registry Editor by navigating to Start Menu, type in Regedit, and then click OK. When you have been in Registry Editor, please remove the following registry entries related:

HKEY_CLASSES_ROOT\.exe "(Default)" = ""

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\pcdfdata

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = ""%CommonAppData%\pcdfdata\.exe" /ex "%1" %*"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "pcdfsvc" = "%CommonAppData%\pcdfdata\.exe /min" HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*

6) End malicious startup options:

Open Start Menu and click Run.Type "msconfig" and click OK. Click the Startup tab on System Configuration Utility. Select Disable All and click OK. Exit the menu. Restart your computer in Normal Mode.

Attention: The above is only one virus sample posted. It is not surprising at all if you don’t locate the infected files and registries on your own infected PC. Those files could be randomly released and hidden. And certain expert skills will be required during the manual removal procedure to avoid wrong operation which may damage your computer permanently. To avoid unnecessary PC risk in the removal of U.S. Department of Homeland Security Virus, you’re welcome to contact Tee Support agents 24/7 online.

No comments:

Post a Comment