GVU Gesellschaft Zur Verfügung Von Urheberrechtsverletzungen e.V scam - how to unlock your PC?
GVU Gesellschaft zur Verfolgung von Urheberrechtsverletzungen (Bundesamt für Sicherheit in der Informationstechnik) scam is a ransomware infection which tries to trick PC users into paying a non existent fine of 100 euro for supposed copyright law violations. This deceptive message completely locks user's computer and asks to pay the fake fine using Ukash. This scam originates from a family of ransomware named Reventon. It's a widely distributed security threat which was translated to many languages. This particular ransomware is targeted at PC users from Germany and it exploits the name of "GVU" to make the fake message appear more realistic. Computer users should ignore this message and shouldn't pay the fine of 100 euro.
If you pay this fine you will send your money to Cyber criminals and your computer will remain locked. Most commonly such ransomware infections are spread using Trojans. Computer users should be careful while opening email letter's attachments and using P2P networks. Best practices to avoid such infections is to use a legitimate antivirus and antispyware software. You should also frequently update your operating system and all of your installed programs.
Notice that Cyber criminals who are responsible for releasing this scam are using Ukash and Paysafecard services for money transfers. These services are prepaid cards and sending money using such cards is very unsafe. While authorities can easily trace money transactions made by wire transfers and other standard services using Ukash and paysafecard lets Cyber criminals stay safe. If your PC is locked with such ransomware you should use the provided removal guide to help you eliminate this scam from your computer.
Fake message shown in GVU Gesellschaft zur Verfolgung von Urheberrechtsverletzungen scam:
Die Funktion ihres Computers wurde aufgrund unerlaubter Internethandlungen außer Kraft gesetzt. im Folgenden werden mögliche Verstöße aufgelistet, die von ihnen begangen werden konnten:
Artikel 274- Urheberrechte Eine Ge dstrafe oder Freiheitsstrafe von bis zu 4 Jahren. (Die Benutzung oder Verbreitung von Daten, die urheberrechtich geschützt sind - Ei me, Software( Artikel 263- Pornografie Eine Ge dstrafe oder Freiheitsstrafe von bis zu 2 Jahren. (Die Benutzung oder Verbreitung von pornografischen Daten) Artikel 184 - Kinderpornografie (bis 28 Jahre) Eine Fre-heitsstrafe von b-s zu 15 Jahren (Die Benutzung oder Verbreitung von pornografischen Daten' Artikel 104- Terrorismusförderung Eine Fre-heitsstrafe von b-s zu 25 Jahren (Sie haben Seiten von Terrororganisationen besucht: Artikel 297- Fahrlässige Computernutzung mit schwerwiegenden Konsequenzen Eine Geldstrafe oder Freiheitsstrafe von bis zu 2 Jahren (ihr Computer ist von e-nem Virus infiziert welcher bereits andere Computer infiziert hat) Artikel 108 - Glücksspiel Eine Geldstrafe oder Freiheitsstrafe von bis zu 2 Jahren. (Sie nahmen am Glücksspiel teil, jedoch ist dies entsprechend der Gesetzgebung ihres Landes verboten) in Bezug auf den Regierungsentscheid vom 22 August können alle verstöße bei einer Geldbuße als bedingt angesehen werden. Die Summe der Geldbuße beträgt ic0 Euro. Die Bezahlung muss innerhalb von 48 Stunden nach Kundgabe des verstoßes entrichtet werden. wenn die strafe nicht entrichtet wird, wird automatisch ein Strafverfahren gegen Sie eingeleitet.
...
GVU virus removal:
Step 1
During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with networking from the list and press ENTER.
Step 2
Log in to the account that is infected with GVU virus. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all the entries that it detects.
If you can't start your computer in safe mode with networking, try doing a system restore.
1. Start your computer in Safe Mode with Command Prompt - During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with command prompt from the list and press ENTER.
2. When command prompt mode loads enter the following line: cd restore and press ENTER.
3. Next type this line: rstrui.exe and press ENTER.
4. In the opened window click "Next".
5. Select one of the available restore point and click "Next" (this will restore your computer's system to an earlier time and date, before the ransomware infiltrated your PC).
6. In the opened window click "Yes".
7. After restoring your computer to a previous date download and scan your PC with a recommended anti-spyware software to eliminate any left remnants of GVU virus.
If you can't start your computer in safe mode with networking (or with command prompt) you should boot your computer using a rescue disk. Some variants of ransomware disables safe mode making it's removal more complicated. For this step you will need access to another computer. After removing GVU Gesellschaft zur Verfolgung von Urheberrechtsverletzungen scam from your PC restart your computer and scan it with a legitimate antispyware software to remove any possibly left remnants of this security infection.
Other tools known to remove GVU Gesellschaft zur Verfolgung von Urheberrechtsverletzungen scam:
Some malicious software modifies browser settings and disables downloads of spyware and virus removing software. If you have problems downloading anti-spyware software with Internet Explorer, try downloading with Chrome, FireFox, Opera, etc.
If you can't access Internet:
Load your computer in safe mode. Click Start, click Shut down, click Restart, click OK. During your computer starting process press F8 key on your keyboard multiple times until you see Windows Advanced Option menu, then select Safe mode with networking from the list.
Start Task manager. Press ctrl+alt+del (or ctrl+shift+esc) and end task the processes of rogue program. ( if after this procedure you can't access any programs press ctrl+alt+del, click File, select New Task, and type explorer.exe then press OK.
Open Internet explorer, click Tools and select Internet Options. Select Connections, then click LAN settings, if a Use a proxy server for your LAN is checked, un-check it and press OK.
After this procedure you should be able to access Internet. Now you can download anti-spyware software from our "Top spyware removers" section and run a full scan. Download, install and don't forget to update your selected anti-spyware program.
Manual GVU Gesellschaft zur Verfolgung von Urheberrechtsverletzungen scam removal:
If you were unable to remove GVU Gesellschaft zur Verfolgung von Urheberrechtsverletzungen scam using the steps above, you can use this manual removal instruction. Use it at your own risk. If you don't have strong computer knowledge you could harm your operating system. Be careful and use it only if you are an experienced computer user. (Instructions on how to end processes, remove registry entries...)
End these GVU virus processes:
random.exe
Delete these GVU virus files:
%Temp%\<random>.exe
%StartupFolder%\ctfmon.lnk
Comments
oh and thanks very much, it worked… you’ve saved me a whole lot of trouble. Very easily explained and it’s totally gone from my computer as well as tons of other stuff my former anti-virus program couldn’t