oandacht!!! In operaasje fan de yllegale aktiviteiten is ûntdutsen. Swiss Confederation. Virus removal gids

1 Star2 Stars3 Stars4 Stars5 Stars (Gjin Wurdearrings Yet)
Loading ...

lately, the new threat has been spreading through the Internet, saying “;oandacht!!! In operaasje fan de yllegale aktiviteiten is ûntdutsen. Swiss Confederation;. This virus threat belongs to the group that gave origin for Metropolitan Police and La Policia Espanola viruses. This message can pop in front of you at any time. It wants you to pay 150 Swiss francs (oer $160). What does it mean? It actually says that users have spread some illegal content inside the web and now they should pay for that. It’;s not only the illegal content but spam as well. Sa, if the person does not pay this money his/her computer’;s every single piece of information will be eliminated within 24 oeren. But the most important part about all this is that this warning message “;oandacht!!! In operaasje fan de yllegale aktiviteiten is ûntdutsen. Schweizerische Eidgenossenschaft”; tries to fool you by asking you to pay. It is completely fake. Do not do anything about it except removing, fansels. If you pay you will just lose your money and nothing else. You still can have your computer in a good state if you follow our instructions. After you’;ve performed our recommendation nothing will be blocked or damaged, so you need to remove this virus at once. You can easily do it with our help. Follow all the steps and soon the problem will be solved.

Ransomware
Ransomware

Important removal milestones:

  1. Restart your system into “;Safe Mode with Command Prompt”;. While the PC is booting press the “;F8 key”; oanienwei, which should present the “;Windows Advanced Options Menu”; lykas presintearre yn de ôfbylding hjirûnder. Apply the arrow keys in order to move to “;Safe Mode with Command Prompt”; en sloech Enter toets fan jo toetseboerd. Login as deselde brûker dy waarden earder oanmeld ûnder de normale Windows modus.
  2. Safe Mode with command prompt
    Safe Mode mei kommando pront
  3. Once Windows Boots súkses, de Windows kommando pront soe ferskine sa't beskreaun oan de skermprint hjirûnder. By de kommando pront, type-in the word “;explorer”;, en druk op Enter. Windows Explorer moat iepen. Asjebleaft net noch slút it. Jo kinne minimalisearje it foar in skoft.
  4. Dêrnei iepenje de Griffy bewurker troch it oanbringen fan deselde Windows kommando pront. Type-in the word “;regedit”; en op Enter drukke knop fan jo toetseboerd. De griffy Editor moat iepen.
  5. Jo witte hoe't it normaal liket, don’;t jo? Goed, hjir is de skermprint derfan:

  6. Fine de neikommende boargerlike stân yngong:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

    Yn de rjochterkant-kant panel selektearje de boargerlike stân ynfier neamd Shell. Right click on this registry key and select “;Modify”; opsje. Its default value should be “;Explorer.exe”;. lykwols, the virus did its job, and so after you click “;Modify”; jo soene sjogge folslein oars wearde fan dit register yngong.

  7. Kopiearje de lokaasje fan 'e oanpast wearde fan' e boppeneamde boargerlike stân yngong oan it stikje papier of memorize har lokaasje. It shows where exactly the main executable of this virus is located.
  8. Modify the value of the registry entry back to “;explorer.exe”; en bewarje de ynstellings fan de Boargerlike Stân Editor.
  9. Gean nei it plak oanjûn yn 'e wearde fan oanpast register yngong. Helje de malicous triem. Brûk de triem lokaasje jimme kopiearden yn it stikje papier of oars stelde yn stap yn eardere stap. Yn ús gefal, the virus file was located and running from the Desktop. There was a file called “;contacts.exe”;, mar it kin wol oars (willekeurich) namme.
  10. Get back to “;Normal Mode”;. Om 'e nij opstarte jo PC, doe't by de kommando pront, type-in the following phrase “;shutdown /r /t 0”; (sûnder de quotation marks) en reitsje Enter knop.
  11. It firus moat be gone. lykwols, om te skjin jo PC fan oare mooglike firus bedrigings en malware oerbliuwt, soargje der foar dat yn te laden en rinne GridinSoft Trojan Killer te laden fia de knop hjirûnder.

Assosjearre firus triemmen wurde fuorthelle:

[random].exe

Associated firus registry yngongen wurde fuorthelle:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Shell" = "[random].exe"

(besocht 283 kear, 1 wurkbesites hjoed)

Related berjochten:

5 tinzen op & ldquo;oandacht!!! In operaasje fan de yllegale aktiviteiten is ûntdutsen. Swiss Confederation. Virus removal gids& rdquo;

  1. I have had this virus on my computer for over a week…;. annoying! I tried to remove it with the above steps, but when i click on modify, it remains at “;explorer.exe”; so i have no files to delete. Does anyone have an Idea what else i can try??

    thanks so much for your help,
    Nadja

Lit in reaksje efter

*