Interpol Department of Cybercrime scam

Interpol Departament of Cibercrime scam - how to unblock your PC?

"Interpol Departamanet of Cibercrime" is a ransomware computer infection which locks user's desktop and asks to pay a fine for watching or distributing pornography, etc. This security threat originates from a family of ransomware called "Urausy". When this scam infiltrates user's computer it blocks the screen stating that you have been distributing copyrighted content or your computer might have been infected with malware which sends spam, thus infringing the law. This deceptive message states that you have to pay a fine of 100 euro or 100 pounds for such law infringements.

In reality such fine doesn't exist, this screen locker is created by Cyber criminals who are making money from unsuspecting PC users who falls for such trickery and pays the non existent fine. You should understand that neither Interpol nor any other authorities (FBI, GEMA, Strathclyde Police, Department of Justice etc.) collects fines in such way (screen lockers). This message is totally fake and you shouldn't pay this imaginary fine - you will send your money to Cyber criminals and your PC will still be locked.

"Interpol Departament of Cibercrime" is being distributed like any other ransomware infection, Cyber criminals who are responsible for creating this scam are using drive-by downloads and Trojans to infect Internet users all over the world. Furthermore such ransomware infections are able to determine computer user's IP address and present the localized version of it's deceptive message. Most commonly such infections are targeted at USA and Great Britain PC user's though Cyber criminals are also targeting other countries such as France, Germany etc. To prevent such infections from entering your PC you should always use a legitimate antivirus and antispyware programs. If your PC is already infected with "Interpol Departament of Cibercrime" ransomware you should use this removal guide and eliminate it from your computer.

Fake message shown in "Interpol Departament of Cibercrime" ransomware:

Interpol Departament of Cibercrime
Attention!
Your PC is blocked due to at least one of the reasons specified below. You have been violating "Copyright and Related Rights Law" (Video, Music, Software) nd illegally using or distributing copyrighted content, thus infringing Article 128 of the Criminal Code of World Departament of Cybercrime. Article 128 of the Criminal Code provides for a fine of 2 to 5 hundred minimal wages or a deprivation of liberty for 2 to 8 years.
You have been viewing or distributing prohibited Pornographic content (child Porn/Zoophilia and etc). Thus violating article 202 of the
Criminal Code of World Department of Cybercrime.Article 202 of the Criminal Code provides for a deprivation of liberty for four to twelve years.
Illegal access to computer data has been initiated from your PC, or you have been...
Article 202 of the Criminal Code provides for a fine of p to 100,000 euro 100.000 pounds and/or a deprivation of liberty for 4 to 9 years. Illegal access has been initiated from your PC without your knowledge or consent, your PC may be infected by malware, thus you are violating
the law On Neglectful Use of Personal Computer. Article 210 of the Criminal Code provides for a fine of 2,000 euro 2,000 pounds to 8,000 euro 8,000 pounds. Spam distribution or other unlawful advertising has been effected from your PC as a profit-seeking activity or without your knowledge, your PC may be infected by malware. Article 212 of the Criminal Code provides for a fine of up to 250,000 euro 250,000 pounds and a deprivation of liberty of up to 6 years. In case this activity has been effected without your knowledge, you fall under the above mentioned article 210 of the Criminal Code of World Department of Cybercrime... The amount of fine is 100 euro or 100 pounds. You can pay a fine Ukash or PaysafeCard. When you pay the fine, you PC will get unlocked in 1 to 72 hours after the money is put into the State's account.

"Interpol Departament of Cibercrime" ransomware removal:

Step 1

Start your computer in safe mode. Click Start, then click Shut down. Select Restart and click OK. During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with networking from the list and press ENTER.

Step 2

Log in to the account that is infected with "Interpol Departament of Cibercrime" ransomware. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all the entries that it detects.

remover "Interpol Departament of Cibercrime" ransomware

Can't boot in Safe Mode with Networking? ("Interpol Departament of Cibercrime" virus blocks Safe Mode with Networking)

If you have more than one user account in your operating system - please log-in to the clean account and download the recommended anti-spyware software, install it and run a full system scan, remove all the security infections it will detect, however if you have only one user account please follow this guide (this guide will show you how to create a new user account using safe mode with command prompt - using this newly created user account you will be able to remove "Interpol Departament of Cibercrime" ransomware).

If "Interpol Departament of Cibercrime" virus also blocks your operating system's Safe Mode with Networking follow these removal instructions:

1. Start your computer in Safe Mode with Command Prompt - During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with command prompt from the list and press ENTER.

2. When command prompt mode loads enter the following line: net user removevirus /add and press ENTER.

3. Next enter this line: net localgroup administrators removevirus /add and press ENTER.

4. Finnaly enter this line: shutdown -r and press ENTER.

5. Wait for your computer to restart,  then boot your PC in Normal Mode and login to the newly created user account ("removevirus"). This account won't be affected by the ransomware infection and you will be able to download and install recommended anti-spyware software to eliminate this virus from your computer.

6. Download and install recommended anti-spyware software to eliminate this ransomware infection from your computer:

remover for "Interpol Departament of Cibercrime" virus

If the newly created user account is also affected by the ransomware infection try doing a System Restore:

1. Start your computer in Safe Mode with Command Prompt - During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with command prompt from the list and press ENTER.

2. When command prompt mode loads enter the following line: cd restore and press ENTER.

3. Next type this line: rstrui.exe and press ENTER.

4. In the opened window click "Next".

5. Select one of the available restore point and click "Next" (this will restore your computer's system to an earlier time and date, before the ransomware infiltrated your PC).

6. In the opened window click "Yes".

7. After restoring your computer to a previous date download and scan your PC with a recommended anti-spyware software to eliminate any left remnants of Interpol Department of Cybercrime ransomware.

Notice that some ransomware infections are capable of encrypting all the files that were stored on an infected PC. If you are dealing with such infection you can use some of the tools listed below to decrypt your files.

To regain control of your files (decrypt) try using these tools:

RannohDecryptor (Kaspersky)

XoristDecryptor (Kaspersky)

RectorDecryptor (Kaspersky)

Trojan.Winlock decoding utility (Dr.Web)

Alternative "Interpol Departament of Cibercrime" ransomware removal guide:

If this ransomware blocks your screen when you start your computer in safe mode with networking, try starting your PC in safe mode with command prompt.

1. During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with command prompt from the list and press ENTER.

2. In the opened command prompt type explorer and press Enter. This command will open explorer window, don't close it and continue to the next step.

3. In the command prompt type regedit and press Enter. This will open the registry editor window.

4. In the registry editor window you should navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

5. In the right side of the window locate "Shell" and right click on it. Click on Modify. The default value data is Explorer.exe if you see something else written in this window remove it and type in Explorer.exe (you can write down whatever else was written in the value data section - this is a path of the rogue execution file) - use this information to navigate to the rogue executable and remove it.

6. Restart your computer, download and install a legitmate anti-spyware software and perform a full system scan to eliminate any left remnants of "Interpol Departament of Cibercrime" ransomware.

remover for "Interpol Departament of Cibercrime" ransomware

If you can't start your computer in safe mode with networking (or with command prompt) you should boot your computer using a rescue disk. Some variants of ransomware disables safe mode making it's removal more complicated. For this step you will need access to another computer. After removing "Interpol Departament of Cibercrime" ransomware from your PC restart your computer and scan it with a legitimate antispyware software to remove any possibly left remnants of this security infection.

Anti-spyware programs known to detect and remove "Interpol Departament of Cibercrime" ransomware scam:

• iS3 STOPzilla
• Malwarebytes Anti-Malware

Some malicious software modifies browser settings and disables downloads of spyware and virus removing software. If you have problems downloading anti-spyware software with Internet Explorer, try downloading with Chrome, FireFox, Opera, etc.

If you can't access Internet:

Load your computer in safe mode. Click Start, click Shut down, click Restart, click OK. During your computer starting process press F8 key on your keyboard multiple times until you see Windows Advanced Option menu, then select Safe mode with networking from the list.

Start Task manager. Press ctrl+alt+del (or ctrl+shift+esc) and end task the processes of rogue program. ( if after this procedure you can't access any programs press ctrl+alt+del, click File, select New Task, and type explorer.exe then press OK.

Open Internet explorer, click Tools and select Internet Options. Select Connections, then click LAN settings, if a Use a proxy server for your LAN is checked, un-check it and press OK.

After this procedure you should be able to access Internet. Now you can download anti-spyware software from our "Top spyware removers" section and run a full scan. Download, install and don't forget to update your selected anti-spyware program.

Manual "Interpol Departament of Cibercrime" ransomware removal:

If you were unable to remove "Interpol Departament of Cibercrime" ransomware using the steps above, you can use this manual removal instruction. Use it at your own risk. If you don't have strong computer knowledge you could harm your operating system. Be careful and use it only if you are an experienced computer user. (Instructions on how to end processes, remove registry entries...)

End these "Interpol Departament of Cibercrime" ransomware processes:

random.exe

Delete these "Interpol Departament of Cibercrime" ransomware files:

%Temp%\<random>.exe
%StartupFolder%\ctfmon.lnk