Have you ever heard about Svensk National Bureau of Investigation Virus? When you are downloading or installing something into the computer, a page suddenly pops up showing the fearsome words in red: VIKTIGT! Din dator blev blockerad av säkerhetsskäl. Detaljer ansivas? Is the page really from the Svensk National Bureau of Investigation (IT-relaterade brott) or a scam? Is it possible to get your computer back without paying the SEK 1000 fine? Please have a look at this post to know more.
Svensk National Bureau of Investigation Virus is a new ransomware which is able to lock the computer and ask the computer user to pay a fine amounting to SEK 1000 via PaySafeCard or Ukash. Residents in Sweden are the targets of the virus. There some other viruses that have the same symptoms including Centre for Critical Infrastructure Protection Virus, Police Judiciaire Fédérale Virus and Guardians of the Peace of Ireland Virus.
Usually, you may have the computer infected with it if you visit some malicious websites or legitimate websites that have been taken controlled of by the cyber criminals, open the infected attachments from spam emails or click on links that can point you to download the virus directly. Besides, the cyber criminals may trick the computer users into thinking that they are downloading useful components for a legitimate program. For example, cyber criminals can put the virus into a fake update for Adobe Flash Player. Once the Svensk National Bureau of Investigation Virus has finished its infiltration into the computer, it will pop up a page saying VIKTIGT! Din dator blev blockerad av säkerhetsskäl. Detaljer ansivas and claim that it is from Svensk National Bureau of Investigation (IT-relaterade brott) to scare you. It also says you have violated laws and lists some articles of laws you supposedly have violated (watching pornographic videos, using pirated copies of music or video files etc.). Actually, all the things in the virus page cannot be trusted because it is created by cyber criminals instead of any Sweden government institution. You shall know that there is no government institution that collects fines by locking your computer. If you pay, the money will be acquired by the cyber criminals. Your computer will still be locked and there is no way to get the money back.
The virus is so powerful that it can occupy the whole computer. Most computer users don’t know how to bypass the lock screen to access the computer system. Antivirus programs also cannot block its attack and even could be disabled by it. But please don’t be frustrated, manual removal can get rid of it thoroughly.
Victim said: My husband was on the Internet earlier and he stumbled into the lock down screen. He wasn’t even watching porn or doing anything illegal!!! It said he had to pay SEK 1000 and then the computer would be unlocked. Well he paid it and now we found out this was a scam. His computer is still locked. What do we do and how can we get our SEK 1000 back ?? Help..
This is a tricky virus that can escape from all kinds of antivirus programs. It may get into your computer via the following ways:
Open spam email and click the strange links attached or download the attachment which contains the virus.
Visit malicious websites or click on unknown links.
Download or install some free applications and movies from hacked sources.
1. Access Safe Mode with Networking
Restart your computer, immediately, quickly and repeatedly hit F8 key before the Windows start-up screen shows. Select “Safe Mode with Networking”, and then press Enter key.
2. End the Virus Processes
Press Ctrl+Alt+Del keys together and end the virus processes in the Processes tab of Windows Task Manager.
Random.exe (The names of the virus processes may be different all the time)
3. Show Hidden Files
(1). Click on the Start button and then on Control Panel
(2). Click on the Appearance and Personalization link
(3). Click on the Folder Options link
(4). Click on the View tab in the Folder Options window
(5). Choose the Show hidden files, folders, and drives under the Hidden files and folders category
(6). Click OK at the bottom of the Folder Options window.
4. Delete Virus Files
(1). Delete the related registry entries to this virus through Registry Edit
Guides to open registry editor: Click “Start” menu, hit “Run”, then type “regedit”, click “OK”
While the Registry Editor is open, search and delete the following registry entries listed below:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\[RANDOM CHARACTERS].exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Random
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\Random.exe
(2). Find out and remove the associated files of this virus.
%AllUsersProfile%\random.exe
%Temp%\random.exe
%AllUsersProfile%\Application Data\.dll HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Random “.exe”
5. Restart the Computer to Normal Mode after the above Steps are Done.
In a word, Svensk National Bureau of Investigation Virus is indeed a scam that is designed by the cyber criminals. It specially targets computer users in Sweden. By making full use of security vulnerabilities, the virus can attack computer furtively. It pretends to be a message sent by Svensk National Bureau of Investigation (IT-relaterade brott) to scare you and trick you into paying money. Please realize that it is a virus. If you encounter the virus, you shall remove it as soon as possible instead of paying the SEK 1000 fine.
If you have no idea of how to do that, please contact experts from YooCare Online Tech Support for further help.
Published by & last updated on July 31, 2013 10:58 am
Leave a Reply
You must be logged in to post a comment.