Are you getting a fake warning which has locked your computer saying that ” Your computer is blocked due to at least one of the reasons specified below ” ? Have you realized this is just a scam that is designed to rip you off? Users must ignore this warning and take immediate measure to get rid of such dangerous threat to prevent the computer from damage.
Cybercrime Investigation Department virus is a newly-released Ransomware that is used to attack computer users from Canada. It uses the same trick like Canadian security intelligence service virus and Royal Canadian Mounted Police (RCMP) Ransomwareby blocking users from accessing desktop and showing scary warning to mislead users into paying a fine so as to steal money from the victims. Mainly, the computer users require this horrible virus by clicking malicious code or distribute unsafe advertising pop-ups, visiting pornographic website or downloading attachment from spam emails. Once successfully installed, a disaster will begin soon.
Being classified as a Ransomware, this virus poses a huge risk for an infected machine because of its fraudulent expectations to steal unaware users’ money. At the first beginning, it shows its malicious attack by locking users’ computers immediately every time when Windows starts. However, users should never be panic by this situation since this Cybercrime Investigation Department alert is just a scam. It claims the users have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article 128 of the Criminal Code of Canada or viewing or distributing prohibited Pornographic content like Child Porn/Zoofilia and etc. Besides, this tricky malware threatens users with jail time or erasure of valuable data stored on the system, so a complete crash and wipe out. Even worse, it says if you don’t sent the fine within 72 hours, you will be sent to the prison. With such scare tactic, criminal aims to extort money from innocent users. No matter how trusty it looks like, users should never hand over your money to the crinimal since this is only a dangerous threat compromises your computer. Even if you pay for it, nothing will be different. Instead, you will soon experience money loss or possible identify theft, also your computer will be still locked after you entered the so called “code”. This warning has is not related to Cybercrime Investigation Department. Thus, once you received this fake message, the first thing you need to do is to ignore what it says and quickly take measure to get rid of it completely to avoid further damage.
It will take control of your computer rapidly once it is downloaded.
It will pretend as a legit warning and ask for a ransom.
It can connect to a remote IRC server and forward the data to cybercriminals without a computer user’s awareness.
It can’t be simply uninstalled or removed in control panel.
Since the virus can block your antivirus programs to stop them from running even lock your PC entirely, under such circumstance, manual removal is required to handle with the virus. This manual removal guide is for advanced computer users to follow. If you are not 100% confident of what you will have to do, it’s suggested to get help from experts.
Please do a system backup before you start to delete Cybercrime Investigation Department virus manually.
1. Restart your PC before windows launches, tap “F8” constantly. Choose“Safe Mode with Networking” option, and then press Enter key.
2. Press Ctrl+Alt+Del keys together and stop the Ransomware processes in the Windows Task Manager.
Random.exe
3. Delete associated files from your PC completely as follows:
%AllUsersProfile%\Application Data\~
%AllUsersProfile%\Application Data\~r
%AllUsersProfile%\Application Data\.dll
4. Search for all related registry entries infected by this dangerous virus and wipe them out:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\{random}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net
5. Reboot the computer to normal mode when the above steps are done.
In conclusion:
Cybercrime Investigation Department Virus is undoubtedly a huge risk for all the compromised computers. Although it is not real, it also can damage the computer beyond your imagination. It may drop malicious files and folders in your computer, notably reducing your PC performance. In some case, it may lock your important files so that you can’t access them forever if the virus still remains. Hence, it is suggested users to uninstall this Ransomware as quickly as possible.
Published by on August 17, 2012 4:45 pm, last updated on March 3, 2014 3:33 am
Leave a Reply
You must be logged in to post a comment.