The Guardians of the Peace of Ireland virus removal

Some computers in Ireland are blocked by the Guardians of the Peace of Ireland ransomware (computer infection that locks the desktop of the attacked PC). This virus also attempts to identify itself with Garda (the Irish Police), Interpol, the National Crime Prevention Unit, Europol and Cyber Crime Unit. The fact is that none of these organizations is actually associated with this virus. If you’re concerned about removal of this virus from your computer please continue reading this article as we attempt to explain to you the methods that can be undertaken by you to unlock your infected workstation.

The Guardians of the Peace of Ireland scam

The scary warning supposedly coming the Guardians of the Peace of Ireland is the ransomware of Urausy family which is localized to target many other countries of the world. The peculiarity of this particular infection attacking Ireland is that it even uses the photo of the president of Ireland Michael D. Higgins (Mícheál D. Ó hUiginn). The sad fact is that even the PC of the Irish president may be attacked by this malware sample. So, if you’ve encountered this scam on your system which has replaced your entire desktop background with its scary contents, you must realize that this is not a real warning from Michael Higgins or the Guardians of the Peace of Ireland agency.

The primary message expressed by the Guardians of the Peace of Ireland virus is this – ‘Attention! Your computer has been blocked up for safety reasons listed below’. This malware is very instrumental in its attempts to accuse users of committing various crimes. Please find the quotation from the text of this ransomware:

Garda
The Guardians of the Peace of Ireland
The National Crime Prevention Unit
Attention! Your computer has been blocked up for safety reasons listed below.

You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape etc). You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of Ireland criminal law.
Article 161 of Ireland criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years.
Also, you are suspected of violation of “Copyright and Related rights Law” (downloading of pirated music, video, warez) and of use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of Ireland criminal law.
Article 148 of Ireland criminal law provides for the punishment of deprivation of liberty for terms from 3 to 7 years or 150 to 550 basic amounts fine.
It was from your computer, that unauthorized access had been stolen to information of State importance and to data closed for public Internet access.
Unauthorized access could have been arranged by yourself purposely on mercenary motives, or without your knowledge and consent, provided your computer could have been affected by malware. Consequently, you are suspected – until the investigation is held – of innocent infringement of Article 215 of Ireland criminal law (“Law on negligent and reckless disregard of computers and computer aids”).
Article 215 of Ireland criminal law provides for the punishment of deprivation of liberty for terms from 5 to 8 years and/or up to €100.000 Euro fine.
Further, after information of your personal computer was examined, it was found out that your personal computer had been regularly used for bulk-spamming, either arranged by yourself purposely on mercenary motives, or without your knowledge and consent, provided your computer could have been affected by malware. Bulk-spamming is a way to disseminate malware of banned pornography. Consequently, you are suspected – until the investigation is held – of innocent infringement of Article 301 of Ireland criminal law (“On bulk-spamming and malware (virus) dissemination”).
Article 301 of Ireland criminal law provides for the punishment of deprivation of liberty for term up to 5 years, and up to €250.000 Euro fine.
Please, mind that both your personal identities and location are well identified, and criminal case can be opened against you in course of 96 hours as of commission of crimes per above Articles. Criminal case can be submitted to court.
However, pursuant to Amendments to Ireland criminal law dated July 10, 2013, and according to Declaration on Human Rights, your disregard of law may be interpreted as unintended (if you had no incidents before) and no arraignment will follow. However, it is a matter of whether you have paid the fine to the Treasury (to the effect of initiatives aimed at protection of cyberspace).
The penalty set must be paid in course of 48 hours as of the breach. On expiration of the term, 48 hours that follow will be used for automatic collection of data on yourself and your misconduct, and criminal case will be opened against you.
Amount of fine is €100 Euro.
You can pay a fine PaySafeCard or Ukash vouchers.
As soon as the money arrives to the Treasury account, your computer will be unblocked in course of 24 hours.
Then in 7 day term you should remedy the breaches associated with your computer. Otherwise, your computer will be blocked up again and criminal case will be opened against youself (with no option to pay fine).
Please mind, that you should enter only verified passs of vouchers and abstain from caching out of vouchers once used for fine payment. If erroneous passs were entered, or if attempt was made to cancel vouchers after transaction, then, apart from above breaches, you will be charged with fraud (Article 377 of Ireland criminal law; 1 to 3 years of imprisonment) and criminal case will be opened.

Paying the fine in amount of 100 Euro is a serious mistake. The malware instructs you to do it through payment systems like Ukash or Paysafecard. Some users think that this virus is the product of these two payment organizations. In reality this is not so. The scam is the product of cyber hackers who want to become richer through deceiving simple users. Instead of obeying the commands of virus makers please rather refer to our guidelines below that will assist you in effective removal of this scareware from your computer.

Recommended ransomware removal solution:

  1. Restart your computer into Safe Mode with Networking. To do it, keep hitting F8 key repeatedly, before Windows OS starts booting.
  2. Select your operating system and the account that got locked with ransomware.
  3. When Windows launches in Safe Mode with Networking, use “Win + R” hotkey combination to open Windows Explorer.
  4. In the address line insert the text “https://www.system-tips.net/download.php
  5. Click “OK”.
  6. Download, install, update and run Plumbytes Anti-Malware.
  7. Malware removal tool
  8. Scan your computer with Anti-Malware and remove all detected threats.
  9. Restart your computer.
  10. Share this information with your friends on Facebook and other social networks.

Similar removal video at YouTube:

So, we do recommend you to try the above method initially. Then, if it does not work, try these other guides below. It is probable that these other methods will be effective solutions to fix your problem. If this information has been helpful to you please share it with other friends of yours.

Alternative removal guides to remove ransomware from your computer:

  1. Ransomware removal in Safe Mode with Networking – https://www.system-tips.net/ransomware-removal-in-safe-mode-with-networking/
  2. Removal of ransomware that modifies “Shell” registry entry – https://www.system-tips.net/remove-ransomware-that-modifies-shell-registry-entry/
  3. Removal of ransomware that replaces explorer.exe file – https://www.system-tips.net/ransomware-that-replaces-explorer-exe-file-guide-to-unlock/

Optional ransomware removal through System Restore:

https://www.system-tips.net/how-to-unlock-computer-though-system-restore-restore-point/

Optional similar virus removal video guide (through System Restore method):

Important! If the above-mentioned guidelines didn’t help you unlock your PC, use this guide as a final solution – http://www.bleepingcomputer.com/virus-removal/remove-your-computer-has-been-locked-ransomware

Leave a Comment

Your email address will not be published. Required fields are marked *