Canadian Police Association Virus is a ransomware that blocks an infected computer completely. After an attack monitor displays an officially looking screen with Canadian Police emblem. The message is supposed to be from this governmental institution and is a warning informing about a breach of laws. A computer user is charged with illegal usage and distribution of copyrighted content (such as music, videos or other types of files), software and even child pornography. Furthermore, one can see a webcam window informing that your videos as well as photos were sent to the remote server for identification of a computer user. Canadian Police Association Virus states that in order to remove the charges and to unblock a computer one must pay the fine:
What should I do?
According to “Information Security and Control Act 2012″, you are required to pay a fine of 100 Canadian dollars. For the convenience of paying the fine we provide a payment gateway for Ukash or PaySafeCard vouchers. You need to buy voucher for sum of 100 Canadian dollars and enter the 19 or 16 digit code written on the voucher the secure payment form, then press “OK” button to send the code.
Similar to Canadian Police Association Virus scheme of taking away peoples’ money is being used for a list of scams, such as FBI virus, West Yorkshire Police virus, Ukash virus, etc. Some of them target computers worldwide; others are local versions of the virus. Even though media keeps informing about this type of scam and that one should not pay the money, there still are computer users that become victims of cyber criminals. Due to huge amounts of money involved, Canadian Police Association Virus is being distributed aggressively. Such means as malicious websites, corrupted freeware or shareware are being used.
To remove Canadian Police Association Virus you should choose one of the methods depending on the ransomware version you have:
- Restart your computer; press F8 while it is restarting;
- Choose safe mode with networking;
- Launch MSConfig;
- Disable startup items rundll32 turning on any application from Application Data;
- Restart the system once again.
- Scan with https://www.2-viruses.com/downloads/spyhunter-i.exe to identify file and delete it.
Method II (suitable for PCs with disabled safe modes by the virus):
- Use a short gap before a blocking screen shows up to run anti-malware programs.
- Reboot normally.
- Enter http://2-viruses.com/downloads/spyhunter-i.exe . If malware is loaded, just press alt+tab once and keep entering the string blindly. Press Enter.
- Press Alt+tab and then R couple times. The Canadian Police Association Virus process should be killed.
Automatic Malware removal tools