> VilmaTech Blog > Remove Virus Asking for Money, Android Virus Removal

Remove Virus Asking for Money, Android Virus Removal

Counterfeit on Computer and Android Phone

New tricks have been played by cyber criminals to recapture trust from PC and Android users across the world. Ransomware now jumps from mechanical damages to browser damages simply due to the fact that more personal and financial activities can be and are finished online. Bigger fish can be located to pay off all the effort to make ransomware like virus.

trustpolice is a newly released version of ransomware. As a matter of fact, U.S.A. Cyber Crime Center virus has been so far found to be the primary interface displayed by such version. Obviously, the virus is not the interface that is displayed. Trojan works inwardly to control the operation. Though the domain http:// looks not as formal as, the new form could confuse victims and make them into submitting $300 just in case is real. Global PC Support Center would like to reiterate hereby that is a virus that is made by cyber criminals for easy money, no enforcement agency will act so. VilmaTech Online Support recommends a complete reading of this article so as to get a general and clear picture of and the damages it arouses. The removal method can be reached at the end. Should there be anything you want to talk to technicians and get instant response, hit the live chat button to start off.

live chat


Harms from Virus to Computer and Android Phone

According to the current situation, it is believed that there are still a part of PC and Android users handing over money to cyber criminals since new version has been funded and realized. Based on the survey, people who finished the money submission only expect the return of significant documents stored on computer/ Android phone. It, again, indicates the importance to back up data regularly. Apart from the insecure online environment stemming from money submission, the information of the payment method will also be recorded. Fortunately, MoneyPak is pre-paid card that no big lost can be created.

Though virus doesn’t cause pivotal harms to system as what previous versions did, it should also make you concerned. Http:// is a vicious domain made by cyber criminals. With BHO technique, manages to load its vicious code into system’s startup section the moment web vulnerability is located by its sniffer. Due to its legitimacy, anti-virus programs will not pick it up as virus. As a consequence, victims get to believe that is genuine.

Right during the process, virus modifies DNS settings to load down additional codes from designated web sites to stop victims from leaving its counterfeit accusation message. That’s why victims can still operate a computer after quitting browsers by force but unable to surf the Internet thereafter. Be noted that the ultimate goal of virus is money. It is capable of making money even if victims do not hand over money by recording the log-in credentials stored in cookies. In other word, if one once finished finance transaction on a target machine, there’s a big chance that money lost would occur.

To regain a computer and the Android system that can surf the Internet and safeguard your online security, it is always recommended to remove virus upon its detection. To do so, some rectifications should be made deep in system configuration manually when anti-virus programs are not able to run the errand. Therefore, certain level of computer skills is required. Android users please get the help directly from VilmaTech experts. In the event of deficient skills, get experienced technician to help out at once.

live chat


Latest Manual Removal Instruction to Remove Virus

The below instruction is for Windows user. The removal guide for Macs is in the end since the guide is much simpler. To remove virus smoothly, it is recommended to carry out the instruction in Safe Mode with Networking where some vicious executable items will be exterminated. Be noted that no executable items should be launched during the removal.

Get into Safe Mode with Networking to access desktop.

Windows 7/Vista/XP

  • Hold the power button on motherboard to restart the infected computer and keep tapping on “F8 key” as the computer is booting but before Windows launches.
  • Use your arrow keys to highlight ‘Safe Mode with Networking’ option in “Windows Advanced Options Menu”.
  •  Press Enter key to get into Safe Mode with Networking.       safe mode with networking

Windows 8

  • Hold the power button on motherboard to restart the infected computer.
  • Hold the Shift button and keep tapping on the F8 key as the computer is booting but before Windows launches.
  • A new screen will be brought up to choose ‘See advanced repair options’ with arrow keys and hit Enter key to continue.                                                                                                           win8 safe mode
  • Select ‘Troubleshoot’ with the same method.                               win8 safe mode1
  • Click on ‘Advanced Options’ to select ‘Windows Startup Settings’ next.win8 safe mode3
  • Hit ‘Restart’ on the lower right hand corner of the screen.

Show hidden items to remove virus and other possible vicious items from local disk.

Windows 8

  • Open Windows Explorer and navigate to View tab.
  • Check the box next to ‘File name extensions’ and ‘Hidden items’ options.
  • Press “OK” button finally to show all hidden items.                                  win8 hidden file

Windows 7/XP/Vista

  • Click Start button to access ‘Control Panel’.
  • Click open user accounts and family safety to access ‘Folder Options’.folder options1
  • Navigate to View tab to tick the box next to ‘Show hidden files and folders and non-tick Hide protected operating system files (Recommended)’.
  • Press “OK” button finally to show all hidden items.

When done, navigate to C:\Windows, C:\Windows\System32\Roaming and C:\Windows\System32\Temp to remove items that are created on the date virus blocks down browsers; steps to arrange files by date:

  • Right click on space to select “Arrange Icons by”.
  • Choose “Modified” then.
  • The documents/icons/files/folders will be placed in orders automatically.

Other files that need to be removed:


Some of virus’s components should be removed from Database.

  • Use Win key and R key to type “regedit” and hit Enter key to bring up Database.
  • Press and hold Ctrl+F to search for Winlogon.
  • Locate key labeled “Shell” in the right pane to right click on it and replace it with ‘explorer.exe’ to help remove virus.change to explorer
  • Remove the following values:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\random.exe”

Since virus mainly causes browser issue, it is necessary to rectify browser settings.

Internet Explorer
Click on the Tools menu and then select Internet Options to press Restore Defaults button under Advanced tab.

reset IE
Mozilla Firefox
Click on the Firefox button to select  Troubleshooting information from Help options and press ‘Reset Firefox’ button.

Google Chrome

Click  ‘Customize and Control Google Chrome’ menu to select ‘Options’; press ‘Reset to Defaults’ button under ‘Under the Hood’ tab.

reset gg4
Show hidden files and folders to remove Operapref.ini file under “C:\Users\user_name\AppData\Roaming\Opera\Opera\”.

reset opera

For Mac users, the only thing one should do is to reset Safari since nothing has been further developed to affect Mac destructively.

  • Do not quit Safari and go to Safari menu.
  • Choose ‘Reset Safari’ in the drop down list to bring up its window.                                                                                 Reset safari
  • Tick all given options in “Reset Safari” window and press ‘Reset’ to confirm the change.                                                   reset safari1



More steps might have to be undertaken after virus is taken down with the above given instruction as web vulnerability can be easily exploited by various infections. Optimization is recommended to be carried out for sluggish PC performance afterward. Though virus locks down browser only, the problem doesn’t confine to browser, additional remedy should be made to system configuration. Considering the possibility to introduce in additional infections, VilmaTech Online Support would like to remind you of other vicious items that are not necessarily related to virus directly so that complete removal can be achieved without doubt. Stick to the manual instruction and help yourself. Android users please get help from experts here. On the occurrence of unexpected issues, exclusive help will be offered by Global PC Support Center to solve your concrete situation accordingly.

live chat

Comments are closed.

Latest Posts