Comandancia General de Policia virus - How to remove?

 

What is Comandancia General de Policia virus?

Comandancia General de Policia virus is a ransomware targeting users in Ecuador. This parasite will block the PC and show a fake screen claiming that the police, Unidad de Investigaciones Especiales (UIES) detected some sort of illegal activity. To scare you into paying the ransom, it will stack every offense they can think of: watching pornography, downloading movies illegally or using pirated software. It will warn about huge penalties and will demand a 100 USD ransom to unlock PC.

Usted está acusado de mirar/conservar y/o divulgar los materiales pornográficas del contenido
prohibido (Pornografia infantil / Zoofilia/violación etc.). Usted ha infringido la Declaración mundial
de la lucha contra la divulgación de la pornografia infantil y esta’ acusado de cometer el crimen en
razón al Articulo 161 del Código Penal del República de Ecuador.

El artíonlo 161 del Código Penal del República de Ecuador prevé a titulo de punición la encarcelación
por el plazo desde 5 hasta 11 años.

Además, usted es sospechoso de la violación de la ‘Ley de los derechios de autor y
adyacentes’ (descarga de música pirata, video, soporte lógico sin licencia) y uso y/o divulgación
del contenido defendido por el derecho de autor. Con eso usted es sospechoso de la infracción del Articulo 148 del Código Penal del República de Ecuador.

El artículo 148 dei Código Penal dei República de Ecuador prevé a titulo de punición una multa por la
cantidad desde 150 hasta 550 valores básicos o encaroelación por el plazo desde 3 hasta 7 años.

This message is obviously a fake one. If you break the law in any country, the police would tell you this in person or would use other means to communicate than using ransomwares. However, Comandacia General de Policia might seem legitimate and convincing for some people. Alas paying the ransom in Ukash won’t help to clean your PC.

Special Comandancia General de Policia virus removal guide

If your computer has more than one user account and not all of them are locked, scan whole PC with anti-malware programs, e.g. spyhunter, by logging to the account that is not blocked. This should remove Comandancia General de Policia virus. However, there are cases when there is no user account.

  • Restart your computer;
  • Press F8 while it is still restarting;
  • Choose between safe modes in following order: Safe mode, Safe mode with command prompt

Then follow the guides below:

If your computer runs in Safe mode or Safe mode with networking and you see no blank screen instead of Comandancia General de Policia virus one

  1. Launch MSConfig.
  2. Disable startup items rundll32 turning on any application from Application Data;. Note, that these are typical locations for Comandancia General de Policia virus but some others might be used.
  3. Restart the system once again.
  4. Scan with http://www.2-viruses.com/downloads/spyhunter-i.exe to identify Comandancia General de Policia virus files and delete it.

Here is a video showing how to complete the steps:

If your computer runs in Safe mode with command prompt

  1. Run Regedit.
  2. Search for WinLogon Entries. Write down all files it references that are not explorer.exe or blank. Replace them with explorer.exe.
  3. Search registry for Comandancia General de Policia virus files and delete the registry keys referencing the files.
  4. Try to reboot and scan with Spyhunter.
  5. If this fails, try doing system restore from safe mode with command prompt (rstrui.exe).
  6. If this fails, try running this command “control nusrmgr.cpl”. Create another administrative user, reboot, log in into this user and scan with anti-malware programs like Spyhunter, Malwarebytes.

If none of safe modes could be launched

Hitman Pro USB disk

If you did not succeed using any of the methods above, try scanning PC with a bootable USB or DVD disk. These should be able to remove all versions of Comandancia General de Policia virus, but will not work if your hard drive is encrypted.

For that, we recommend using Hitman Pro Kickstarter USB.

  1. Download Hitman Pro on uninfected PC.
  2. Run Hitman and ask to create Kickstarter USB (option on initial screen).
  3. When USB is ready, reboot infected PC with USB attached and press DEL.
  4. Choose USB as primary boot device.
  5. Boot normally.
  6. Run Hitman Pro and http://www.2-viruses.com/downloads/spyhunter-i.exe . One of these programs should detect and remove malware from your PC.

 

Automatic Comandancia General de Policia virus removal tools

 
  Download Spyhunter for Comandancia General de Policia virus detectionNote: Spyhunter trial provides detection of parasite like Comandancia General de Policia virus and assists in its removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.
 
 
 
* Support is performed by Callstream.
 
 

Manual Comandancia General de Policia virus removal

 

Important Note: Although it is possible to manually remove Comandancia General de Policia virus, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyhunter or other tools found on 2-viruses.com.

Processes:
Files:

It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Comandancia General de Policia virus infected files and get help in Comandancia General de Policia virus removal by using Spyhunter scanner. 

 

Comandancia General de Policia virus screenshots

 
ecuador-police-virus
     
 
 
     
     

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>