An Garda Siochana Trojan (aka Ireland National Police Service virus) is a ransomware that infects computer systems using Trojans. It changes your Registry to enable itself to perform all actions that it planned. An Garda Siochina locks your computer so you cannot perform any actions – your PC will be completely blocked. You will only see a message telling that you are breaking a law by sharing or watching some adult content videos and that you have to pay a fine so your system would be unlocked. You will be asked to make payment using Ukash or similar pre-paid cards. Never pay any fines by official institutions using any pre-paid systems simply because none of them would ever make you pay anything using this type of payment systems.
This ransomware might be result of several malware families. For some, this malware is easy to remove, and some versions might be tougher. However, in most cases complete system reinstall is not necessary.
You should remove An Garda Siochina virus with no hesitations. It is not related to police in any way and it was only designed to swindle your money away. Here are simple steps that you should take once you noticed this badware on your system:
- Reboot and press F8 while your computer is booting
- Choose safe mode with networking
- Launch MSConfig
- Disable startup items rundll32 launching something from Application Data
- Reboot your system
- Download https://www.2-viruses.com/downloads/spyhunter-i.exe and scan your PC.
If this will not help, use Norton Power Eraser or Avira Boot Scanner to scan your PC from bootable disk.
Automatic Malware removal tools
5 responses to “An Garda Siochana Trojan”
Found easiest way to get round this nasty little thing is to reboot and f8 and choose safe mode,then when windows boots, goto start then go into control panel,then recovery, open system restore and restore comp to an earlier point, i tried all of the other meathods and couldn’t get them to work. hope it helps
When I go onto safe mode I just get a white screw any idea how to get around this?
Mike: Boot into safe mode with command prompt. Run explorer manually. Run regedit, search for winlogon subkey shell. if it references something else than explorer.exe, change it to explorer.exe. http://www.2-viruses.com/remove-gimemo for more information
I am in safe mode with command prompt, I have a white screen with a mouse but do any thing with it o commands work including windows tab and r.
Then you need to boot from alternate os scanner like norton power eraser, etc.