Can a laptop really be locked by Interpol Virus? I got a pop up from “Interpol” and it says: The work of your computer has been suspended on the ground of the violation of the Intellectual property law.” I got a pop up saying i have done something illegal by Interpol. My computer has been blocked by Interpol. is this a virus? How to remove Interpol Department of Cybercrime Virus even when its locked? One of our computers has been hijacked with an Interpol virus notice asking for $200 to decrypt computer. How can we remove this? Fortunately, you can fix the issue here.

What is the Interpol Department of Cybercrime Virus?

The Interpol Department of Cybercrime virus, otherwise known as the Interpol Virus for short, is a form of ransomware that effectively freezes computer systems and holds them hostage. This is under the guise of an alarming message claiming to be from the international law enforcement institution Interpol on the users’ screen that claims their system was used for illegal activities. A message prompt will appear generally stating, “Your PC is blocked due to at least one of the reasons specified below.” The potential violations include everything from violating copyright and related rights laws by downloading music, video or software to viewing and distributing child pornography. It may even go so far as to claim that although it may not have been you personally who is guilty of these crimes, the very fact that they occurred on your personal computer makes you guilty of neglectful use of your computer. The Interpol Virus falls into the category of “police” viruses that claim to be from a law enforcement authority and unfortunately the nature of these viruses is to scare the user into doing whatever it takes to not only save their computer but also avoid harsh legal penalties. In this case to unblock your computer and to avoid possible time in jail, the virus informs you that you must pay a large fine using pre-paid methods such as Ukash, PaysafeCard, PayPal or Moneypak. If the user falls for the scam this is money that they will of course never be able to retrieve. Please take an action to get rid of Interpol Department of Cybercrime virus completely.

To save your computer, Live Chat with YooSecurity Expert Now, or you can follow the manual removal guide below to get your problem fixed. (For advanced computer users)

The scam being attempted by the Interpol Virus is bold but it is important to note that it is also incredibly unrealistic. No official legal institution, Interpol included, tracks computer usage with the intent to lock down an individual personal computer and force the user into paying a fine through one of these payment services. Hopefully most users will keep this in mind before panicking and giving in to the scam. If not, another dead giveaway that this is in fact just a virus is that most of the messages are riddled with unprofessional grammatical errors that no professional institution would let slip by.

Interpol Department of Cybercrime Scam Screenshot

Interpol Virus – The work of your computer has been suspended on the ground of the violation of the intellectual property law. You must pay the fine through Ukash of £100 or €100 within 24 hours. – Europe Based

Interpol-Virus

Interpol Virus – The work of your computer has been suspended on the ground of the violation of the intellectual property law. You must pay the fine through Moneypak of $200 within 24 hours. – US Based

Interpol-Virus-US-Based

How does my computer become infected with the Interpol Virus?

The Interpol Department of Cybercrime Virus is not unlike many similar ransomware viruses in that it is often spread through spam e-mails with infected attachments. Of course it can also gain access though fake updates, phony downloads or essentially any malicious site. These types of viruses can even be hidden in what seem to be fairly harmless files or sites throughout the social network, helping it spread quickly between users. Often times they can be quickly detected by antivirus software programs that promptly remove Interpol virus and similar threats but in some cases this does fail. Once the malicious program is on your computer it changes the default settings on your PC and can even disable some of the abilities of an antivirus program so it remains undetected. Even if this is the case there is still hope to unblock your PC and remove Interpol Department of Cybercrime Virus.

How can I manually remove Interpol virus?

By definition, ransomware will not give up its grip on your personal computer so easily. Ransomware like the Interpol virus creates registry entries and files that allow the virus to run as soon as the computer is turned on. No matter how many times you try to reboot your system the same daunting message will remain. To manually remove Interpol Department of Cybercrime virus you will have to kill malicious processes as well as remove the directory files and registry entries that were created by the Interpol virus.

  1. Launch Task Manager (“CTRL + Shift + ESC”)
  2. Select Processes Tab and end the Interpol virus processes
  3. Click on Start menu and open Search Programs and Files
  4. Search for and delete files created by Interpol virus:  %AppData%\random
  5. Go to Windows Start menu and type “Regedit” in the search box to open the Registry Editor
  6. Search for and remove the following registry entries:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\%AppData%\random

HKCU\Software\Microsoft\Windows\CurrentVersion\InternetSettings\WarnOnHTTPSToHTTPRedirect 0

HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4

HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\UID [rnd]

HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe

Video Guide On How to Remove the entries Associated with the Interpol Virus

What can I do to protect myself after I remove Interpol Department of Cybercrime virus?

After successfully removing the Interpol virus from your computer it is highly advised to take precautionary steps to avoid future infection by this and all other types of viruses. It is important to be cautious with suspicious-looking e-mails, websites and even update prompts. Do not open attachments or websites sent by unknown sources and always use scrutiny if your computer has prompted you with an update that seems unfamiliar. Of course viruses can be hidden in seemingly harmless files and sent unknowingly from trusted sources so it is recommended that you always have an active and updated antivirus program running on your computer. There are several very effective antivirus programs available on this website that act as the first line of defense against these infections as well as to effectively eliminate any lingering viruses on your PC.

Tips: It is very important to note that the steps to remove Interpol Department of Cybercrime virus are risky. If there are any mistakes made in this process it can result in permanent damage to your personal computer. It is highly recommended that most users utilize walware and spyware removal support such as YooSecurity on this website to avoid any possible harm to their computers.

Published by Michael Myn on October 30, 2012

Leave a Reply