United States Cyber Security Virus removal guide
United States Cyber Security screen locker is another ransomware computer infection that originates from a family of ransomware called Reveton. This screen locker is created by Cyber criminals who are hoping the unsuspecting computer users will fall for this scam and will pay a non existent fine of $100. You shouldn't even consider paying this fine - you will send your money to Cyber criminals and your PC will still be locked. The deceptive message in this ransomware states that you have been watching or distributing child porn etc. and thus infringing copyright laws. You shouldn't believe a word that is presented in this message, it's a total scam - none of the authorities are blocking computer to collect fines for any law infringements. To make their screen lockers appear more legitimate Cyber criminals are using names of authorities - this time it's United States Cyber Security.
Previously seen ransomware infections were exploiting the name of FBI, Interpol and other authorities. Furthermore this ransomware infection is able to capture your computer's IP address and using this information the deceptive message in this screen locker is localized. While United States Cyber Security ransomware is targeted at computer users from USA other ransomware from this family are known to target computer users from Sweden etc. displaying a deceptive message in their language and exploiting the names of authorities from their country. For example PC users from Sweden will see this message as if it would be from Den svenska polisen it sakerhet.
Ransomware infections such as this have become a very profitable business for Cyber criminals, they are continuing to created new screen lockers and distribute them all over the Internet. Most commonly such scams are spread using Trojan infections and drive-by downloads. Furthermore Cyber criminals are bundling their ransomware with other security threats such as Citadel and Zeus Trojans. To prevent such infections from entering your PC you should update your operating system and all of your installed software. You should also use a legitimate antivirus and anti-spyware programs to security your computer. If your PC is already infected with United States Cyber Security ransomware you should use the provided removal guide to help you eliminate it from your computer.
Fake message shown in United States Cyber Security ransomware:
United States Cyber Security
Your PC is blocked due to at least one of the reasons specified below.
You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus
infringing Article 1, Section 8, Clause 8, also known as the Copyright of the Criminal Code of United States of America.
Article 1, Section 8, Clause 8 of the Criminal Code provides for a fine of two to five hundred minimal wages or a deprivation of liberty for two to
eight years. You have been viewing or distributing prohibited Pornographic content ( Child Porno, Zoofilla and etc). Thus violating article 202 of the Criminal Code of United States of America. Article 202 of the Criminal Code provides for a deprivation of liberty for four to twelve years.
Illegal access has been initiated from your PC without your knowledge or consent, your PC may be infected by malware, thus you are violating the law On Neglectful Use of Personal Computer. Article 210 of the Criminal Code provides for a fine of up to $100,000 and/or a deprivation of liberty for four to nine years. Pursuant to the amendment of the Criminal Code of United States of America of May 28, 2011, this law infringement (if it is not repeated - first time) may be considered as conditional in case you pay the fine of the State. Fines may only be paid within 24 hours after the infringement. As soon as 24 hours elapse, the possibility to pay the fine expires, and a criminal case is initiated against you automatically within the next 24 hours! To unlock the computer, you must pay the fine through MoneyPak of $100.
How to unlock computer using the MoneyPak?
1. find a retail location near you.
2. Look for a MoneyPak in the prepaid section. Take it to the cashier and load it with cash. A service fee of up to $4.95 will apply.
3. To pay fine, you should enter the digits MoneyPak resulting code in the payment form and press Pay MoneyPak.
When you pay the fine, your PC will get unlocked in 1 to 48 hours after the money is put into the State's account.
United States Cyber Security scam removal:
Start your computer in safe mode. Click Start, then click Shut down. Select Restart and click OK. During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with networking from the list and press ENTER.
Video showing how to start Windows 7 in "Safe Mode with Networking":
Log in to the account that is infected with United States Cyber Security ransomware. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all the entries that it detects.
After completing these steps your computer should be clean, reboot your computer in normal mode.
Alternative United States Cyber Security ransomware removal guide:
If this ransomware blocks your screen when you start your computer in safe mode with networking, try starting your PC in safe mode with command prompt.
1. During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with command prompt from the list and press ENTER.
2. In the opened command prompt type explorer and press Enter. This command will open explorer window, don't close it and continue to the next step.
3. In the command prompt type regedit and press Enter. This will open the registry editor window.
4. In the registry editor window you should navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
5. In the right side of the window locate "Shell" and right click on it. Click on Modify. The default value data is Explorer.exe if you see something else written in this window remove it and type in Explorer.exe (you can write down whatever else was written in the value data section - this is a path of the rogue execution file) - use this information to navigate to the rogue executable and remove it.
6. Restart your computer, download and install a legitimate anti-spyware software and perform a full system scan to eliminate any left remnants of United States Cyber Security ransomware.
If you can't start your computer in safe mode with networking (or with command prompt) you should boot your computer using a rescue disk. Some variants of ransomware disables safe mode making it's removal more complicated. For this step you will need access to another computer. After removing United States Cyber Security ransomware from your PC restart your computer and scan it with a legitimate antispyware software to remove any possibly left remnants of this security infection.
Anti-spyware programs known to detect and remove United States Cyber Security ransomware scam: