United States Cyber Security virus removal

andy | August 29, 2012

United States Cyber Security is a good organization, however, hackers use its good name for inventing new ways of scaring users and prompting them into wasting their funds for nothing good. So, they created a new ransomware application that bears such a name, this is why we nominated this article as “United States Cyber Security virus removal”.

United States Cyber Security virus

The ransomware described in this post is a fresh one, being distributed in the form or Reveton Trojan. It hijacks the infected PC and then locks the entire screen with a horrifying warning about you allegedly performing certain illegal activities over the Internet, thus violating various articles of the US legislation. No doubt, the information you see is quite a scary one, especially if you don’t know that this is a virus warning instead of a real one. So, the first thing you must understand clearly is that this is a products of the frauds and cyber hackers who want to earn funds by means of deceiving you. In order to unlock the infected PC you must refer to the help of decent security program, however, some other manual steps should also be applied. Remember not to donate any funds in favor of these crooks!!! If you simply reboot your PC this will not help. The scary message will appear eventually. Some other, more serious steps must be undertaken by you in order to prevent this serious threat and to unlock your computer. So, the quicker you eliminate this pest the better will it be for your system.

Below please find the good and working malware removal instructions that will facilitate the removal process of this ransomware. Don’t forget to install the powerful security software that will prevent further attacks, like this one by United States Cyber Security virus. Finally, be careful while you surf the world wide web, it is surely full of malwares, so caution is of utmost importance in the online world today.

Removal milestones:

1. Launch your PC in the safe mode with command prompt.
2. Do the next commands:

  • reg delete hkcuSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableRegistryTools /f
  • reg delete hklmSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableRegistryTools /f


3. Run the registry editor regedit.exe
4. In the registry editor:

  • remove the parameter NoDesktop from HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer

  • remove the parameter DisableTaskMgr from HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem

  • Set the parameter 0 for HideIcons in HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced

  • Set explorer.exe for Shell in HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon

  • remove the parameter Shell from HKCUSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon

  • find the parameter with the random name in HKCUSoftwareMicrosoftWindowsCurrentVersionRun and copy its name to the clipboard - and search in HKLMSOFTWAREMicrosoftActive SetupInstalled Components


  • If the parameter is found remove the full entry

  • remove the file, indicated in the parameter with the random name. To do this, enter the following combination del /f /q “parameter value” in the command line.

  • remove the parameter with the random name in the registry entries
    HKCUSoftwareMicrosoftWindowsCurrentVersionRun
    HKLMSoftwareMicrosoftWindowsCurrentVersionRun



5. Now restart your PC. Enter the following combination shutdown -r -t 0 in the command line.

If all above-stipulated steps are done the ransomware should be neutralized. Now it is a high time to check your PC for other malicious objects presence, because they can be hidden deeply in the system. Install GridinSoft Trojan Killer and run full scan with it. Make sure to update the program before you run it. Then, when the scan has been completed, remove all infections it finds and reboot your system. If you have difficulties deleting the viruses please contact us via support channels available at this site.

Ransomware automatic remover:

1 Comment

  1. Billy Fung says:

    I had this virus “United States Cyber Security on 27 August. I scanned with Trojan-Killer (updated end of July) and had pick up a file and had been deleted. (may not be the file from Cyber Security). I reboot the laptop and as soon as I join the internet, the Cyber security pop back up and the camera is on.

    Please advise how can I remove the virus while my laptop cannot access to any internet. If I am not trying to connect to internet. The laptop and other program seems to be working fine.

    I bought the Trojan-Killer program back in February. The manually method shown on your website is too complicated and I am afraid I may do something which make it even worse. Please kindly what can I do. Many thanks.

    Billy

2 Trackbacks

Leave a comment

*