Police Cybercrime Investigation Department virus is another ransomware, which is set to attack Canadian PC users and swindle their money. For that, it blocks the entire system and shows a scam message claiming that the user is disabled due to various law violations, such as the use of copyrighted content and the distribution of pornography. Additionally, this scam message claims that the system will be unblocked only after paying the fine of 100 CAD. Before you fall for this misleading story, keep in mind one thing: no matter that this message appears to belong for Police Cybercrime Investigation Department, in reality there is no such governmental authority, which blocks the system and asks to make a payment. You must remove Police Cybercrime Investigation Department virus as soon as possible.
HOW CAN I GET INFECTED WITH POLICE CYBERCRIME INVESTIGATION DEPARTMENT VIRUS?
Similarly to Cybercrime Investigation Department virus, Police Cybercrime Investigation Department virus is usually spread by trojan horses that come inside together with freeware/shapreware/spm emails and similar downloads. However, the most popular way to get infected with this scam is to click on a fake update for Adobe Flash Player. Once this ransomware gets inside the system, it displays such alert:
Police Cybercrime Investigation Department
All activity of this computer has been recorded
If you use a webcam , videos and pictures were saved for identification
Your computer has been locked!
The work of your computer has been suspended on the grounds of unauthorized cyberactivity.
Described below are possible violations, you have made: Article 274 – Copyright
A fine or imprisonment for the term of up to d years (The use or sharing of copyrighted files – movies, software)
A fine or imprisonment for the term of up to 2 years (You have been gambling, but according to the lav/ residents of the your country are not allowed gambling in any format)
in connection v/ith the decision of the Government as of August 22, all of the violations described above could be considered as conditional in case of payment of a fine.
Amount of the fine is 100 CAD. Payment must be made within 48 hours after the discovery of the violation. If the fine has not been paid, you will become the subject of criminal prosecution.
After paying the fine your computer will be unblocked
Please, ignore this message and never pay the fine because you will only lose your money! As we have already said, governmental authorities don't use such methods for punishing people. We highly recommend to remove Police Cybercrime Investigation Department virus ASAP.
HOW CAN I REMOVE POLICE CYBERCRIME INVESTIGATION DEPARTMENT VIRUS?
When trying to remove Police Cybercrime Investigation Department virus, you may find that your PC is completely blocked and you can't do anything about it. Try restoring your computer's date to the previous time in order to unblock the system. If this doesn't help, follow these steps:
* Users infected with Ukash viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Ukash virus removal:
- Reboot you infected PC to 'Safe mode with command prompt' to disable Ukash virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Reimage to remove remaining virus files.
* Flash Drive method:
- Take another computer and download Malwarebytes MalwarebytesCombo Cleaner, Reimage or other reputable anti-malware program with it.
- Update the program and put it into your USB drive or simply burn a CD disk.
- While the CD burns or USB drive get's the information, reboot your infected machine to Safe Mode with Command Prompt (by pressing F8 on boot) and then stick the prepared USB drive or put the CD disk in it.
- Reboot the infected computer once more and run a full system scan with the program you downloaded.