United States Courts virus - How to remove?
United States Courts virus is a ransomware application that gets into random computers and tries to makes its users pay a fine pretending that this fine has been imposed by police. The program comes inside systems secretly with a help of Trojan viruses so it is impossible to track it straight away. Once inside, United States Courts virus blocks your PC completely and displays a message in the middle of a computer screen saying that you have violated the law because of illegally downloading various files (MP3’s, Movies, Software) from the Internet.
The program tells you to pay a fine of 300 dollars through GreenDot MoneyPak payment system in order to avoid other legal consequences. It claims that after that your system will be unblocked. This is just how United States Courts virus collects the money. In fact it has nothing to do with legal institutions. Computer hackers are using the name of US courts illegally, just to scare their victims. Have a look at its message and never trust it:
United States Courts
YOUR COMPUTER HAS BEEN LOCKED
Criminal Case NO. 4:12CV072011
Illegally downloaded material (MP3′s, Movies or Software) has been located on your computer.
By downloading or uploading, those files have been reproduced, thereby involving a criminal offense under 17 U.S.C.A. SS506(a) and 18 USCA SS2319 (2)(A)(B).
(a) Whoever violates section 506(a) (relating to criminal offenses) of title 17 shall be punished as provided in subsection (b) of this section and such penalties shall be in addition to any other provisions of the title 17 or any other law. (b) Any person who commits an offense under subsection (a) of this section–
(2) shall be fined not more than $250,000 or imprisoned for not more than two years, or both, if the offense:
(A) involves the reproduction of distribution, during any one-hundred-and-eighty-day period, or more than one ten but less than one hundred phono records or copies infringing the copyright in one of more sound recordings;
(B) involves the reproduction or distribution, during any one-hundred-and-eighty-day period, of more than two but less than sixty-five copies infringing the copyright in one or more motion pictures or other audiovisual works.
As you see the text looks very convincing and creates the feeling you are really in trouble. Despite how reliable the message looks like, you should never trust it. Pay attention to these few details that will help you to determine that it is a scam. The message asks you to make a payment using pre-paid card system. This is completely impossible that US Courts would accept the fines paid through such system. What is more, you are given only 48 hours to make a payment saying that after this time the possibility of making the payment will expire. Since nobody wants to risk and have any problems with police, many users pay this fake fine straight away.
You should have no doubt and remove United States Courts virus as soon as you detect it on your system instead of trusting it. Choose one of the following methods and eliminate this badware immediately.
Method I – using unaffected user’s account
If you have more than one user’s account and at least one of them is not infected, login to it and scan your computer with Spyhunter. United States Courts virus will be removed and other users’ accounts unblocked.
Method II – using System Restore
- Press and hold F8 while it is restarting in order to select safe mode with a Command prompt.
- At the command prompt, type cd restore, and then press enter.
- Type rstrui.exe and press enter (for Windows Vista, 7 and 8, you should type : C:\windows\system32\rstrui.exe; for Windows XP – C:\windows\system32\restore\rstrui.exe).
- When the System Restore starts, select a restore point previous to this infection. Do not forget to scan your computer with Spyhunter for the malicious files to be removed.
Method III – using Safe Mode or Safe Mode with Networking
- Restart your computer. Press F8 while it is restarting.
- Choose safe mode or safe mode with networking.
- Launch MSConfig.
- Disable startup items rundll32 turning on any application from Application Data. Please note, that other locations can be also used.
- Restart the system once again.
- Scan with http://www.2-viruses.com/downloads/spyhunter-i.exe. It should detect and delete United States Courts virus. Watch a video guide of a similar virus illustrating the steps above:
Method IV – using Safe Mode with Command Prompt
- Restart your computer choosing Safe Mode with Command Prompt.
- Run Regedit.
- Search for WinLogon Entries. Write down all files it references that are not explorer.exe or blank. Replace them with explorer.exe.
- Search registry for United States Courts virus files and delete the registry keys referencing the files.
- Try to reboot and scan with Spyhunter. Here’s a video guide that illustrates the removal of a similar virus: