Cuerpo Nacional de Policia virus is a ransomware threat that was firstly noticed in March, 2012 and it still continues its misleading activity. It is another, slightly modified version of the similar threats that belong to Ukash virus group and are actively spread all around the world. They are all capable to block the system down and then display a huge alert that looks like it was sent by an official institution, such as Cuerpo Nacional de Policia or other. You must ignore such alert because all what it seeks is to get you out of your money. Note that this virus uses other possible languages, not only Spanish, to trick its victims.
HOW CAN I GET INFECTED WITH Cuerpo Nacional de Policia virus?
Typically, Cuerpo Nacional de Policia virus is distributed by trojan horse that is capable to come inside PC after user gets tricked into opening the infected letter's attachment. Immediately after this infiltration, it hacks the system down and locks the desktop with such alert
CUERPO NACIONAL DE POLICÍA
Su ordenador se ha bloqueado!
El funcionamiento de su ordenador fue interrumpido a causa de indices de ciberactividad desautorizada.
Los delitos posibles cometidos por Lid se indican abajo.
Cláusula 274— Derechos de autor Multa o privación de libertad de hasta 4 anos. (utilización o distribuición de los ficheros protegidos con derechos de autor — peliculas, software]
Cláusula 183 — Productos pornográficos Multa o o privación de libertad de hasta 2 anos. (Utilización o distribuición de los ficheros pornográficos)
Resolución del Gobierno de 22 de agosto se puede considerar todos estos delitos como condicionales con la multa pagada La suma de multa es 100 euros.
El pago debe ser realizado durante 48 horas a partir de revelación de delito.
Si la multa no es pagada, será iniciada la causa penal contra Ud.
tma vez está pagado lo multo su ordenador será desbloqueado.
This threat claims that Spanish police office wants you to pay 100 Euro fine or other amount of money for your illegal activity, like malware distribution, the use of copyrighted content or child pornography. Of course, all these crimes are invented and you should never pay this fine through Ukash or other prepayment system because you will only lose your money. As soon as you see Cuerpo Nacional de Policia alert, you must ignore it and remove trojan from computer immediately. It's critical to do that because this cyber threat may finally damage your computer's system. This virus has nothing in common with the legitimate police office.
HOW CAN I REMOVE Cuerpo Nacional de Policia virus?
In order to remove Cuerpo Nacional de Policia virus, run a full system scan with Reimage, Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus or Malwarebytes Anti Malware. If you can't do that because you are locked by its alert, follow these steps to disable your virus that have already been applied by thousands victims of this Spanish threat:
1. Take another machine and use it to download Reimage or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Cuerpo Nacional de Policia virus once more and run a full system scan with anti-malware.
UPDATE: In order to unblock computer and remove Cuerpo Nacional de Policia virus, you can also follow these steps:
* Users infected with Ukash viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Ukash virus removal (special skills needed!):
- Reboot you infected PC to 'Safe mode with command prompt' to disable Ukash virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus, Reimage, Malwarebytes Anti Malware or other reputable security tool to remove remaining virus files.