Posted by Dusty Wright on Mar 12, 2013
The U.S. Department of Homeland Security virus is another variation of the MoneyPak scams that have recently been prevalent. The virus is distributed via a “drive-by download” method, which automatically downloads the virus to a victim’s computer without their consent through channels such as malicious websites or even legitimate websites that have recently been compromised. It can also be distributed via spam email containing infected attachments and/or links to other malicious websites, and by tricking victims into downloading malicious software that appears to be useful.
Those infected with the virus (known as Trojan Urausy) will notice not only that their computer is locked, but also a large notification that reads, “This computer has been blocked,” with the seal of the U.S. Department of Homeland Security to the left of the notification. The displayed screen states that the victim must pay a fine of $300 via a Green Dot MoneyPak code. To scare victims even further, the virus also accesses the installed webcam and displays what is happening in the room, giving the illusion that someone in the Department of Homeland Security is watching the victim’s every move.
Operating systems affected by U.S. Department of Homeland Security virus: Windows XP, Windows Vista, Windows 7, and Windows 8.
Article 184. Pornography involving children. Imprisonment for the term of up to 10-15 years (the use or distribution of pornography material.
Article 171. Copyright. Imprisonment for the term of up to 2-5 years (the use or sharing of copyrighted files.
Article 113. The use of unlicensed software. Imprisonment for the term of up to 2 years (The use of unlicensed software).
To unlock the computer you are obliged to pay a fine of $300. You must pay the fine through MoneyPAK. You have 48 hours to pay the fine. If the fine has not been paid, you will become the subject of criminal prosecution without the right to pay the fine. The Department for the Fight Against Cyber activity will confiscate your computer and take You to Court.
The first thing we need to do is shut the computer down. Make sure the computer is completely off! Once the computer is turned off, turn it back on and boot into Safe Mode with Networking.
To do this, press the power button then immediately start tapping the F8 Key on your keyboard.
Within a few seconds, you will see the Windows Advanced Options Menu. Use your arrow keys to choose the Safe Mode with Networking option, then press Enter.
Safe Mode with Networking will then load a variety of files and drivers; do not worry, as this is perfectly normal. You will then see your account’s user icon. Once you see it, log into your account to view your Windows Desktop as normal.
You will now need to open your web browser, and nearly any web browser will suffice: Internet Explorer, Firefox, or Google Chrome for starters.
The easiest way to remove Win 7 Security Cleaner Pro is with Malwarebytes Anti-Malware. This is hands down the easiest and most effective tool available for malware removal (and it doesn’t cost anything to use!)
Install Malwarebytes Anti-Malware as you would any other program. Once the installation process begins, the software may download new definitions and update the program, so give it a few minutes and allow it to update appropriately. Once the updates are complete, you are ready to use it.
Select the Full Scan box, then select Scan to begin scanning for malware. Ensure drive C: is selected, then select Scan once more.
Once the scan is finished, select OK to look at the files, then select Show Results.
You will now notice a variety of infected files and registry keys. Ensure the detected objects are selected, then select Remove Selected.
Malwarebytes Anti-Malware will inform you that you must reboot. This is perfectly normal, and will provide the software with the opportunity to remove the infected files.
Your PC will now boot up as normal without the virus infecting your machine. Open a few of your regularly used programs and ensure everything is working as normal.