Like most Police Ransomware Trojans, the Cheshire Police Authority Ransomware tries to make the victim believe that they are being processed by the police. The Cheshire Police Authority Ransomware preys on inexperienced computer users' guilt by accusing them of viewing illegal pornographic material, allowing their computer to distribute malware and distributing or dealing with copyrighted content without permission. The Cheshire Police Authority Ransomware message lists penalties of thousands of pounds and years of jail time unless the victim pays a fine of 100 pounds. The scam does not stop at a threatening message; the main problem when dealing with malware like the Cheshire Police Authority Ransomware Trojan is that these kinds of threats lock the victim's computer, preventing the victim from accessing Windows or any files stored on the infected computer. Because of this, these kinds of malware attacks are often referred to as Winlockers.
Classified as a trojan.It is a type of malware that performs activites without the user’s knowledge. These activities commonly include establishing remote access connections, capturing keyboard input, collecting system information, downloading/uploading files, dropping other malware into the infected system, performing denial-of-service (DoS) attacks, and running/terminating processes.
ALIASES: Virus:Win32/Ghostdog.D (Microsoft); W32/GhostDog.d (McAfee); W32.HLLP.GhostDog.D (Symantec); Virus.Win32.HLLP.Ghostdog.d (Kaspersky); ERROR (Sunbelt); Win32/GhostDog.A (AVG) This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This file infector drops the following files:
%System Root%\GhostDog4.exe
%Windows%\Installer\GhostDog4.msi
A:\GhostDog4.exe
%System%\Ghostdog4.exe
(Note: %System Root% is the root folder, which is usually C:. It is also where the operating system is located.. %Windows% is the Windows folder, which is usually C:\Windows.. %System% is the Windows system folder, which is usually C:\Windows\System32.)
This report is generated via an automated analysis system. Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.
This virus spreads by attaching its code to other files on your PC or network. Some of the infected programs might no longer run correctly. You might need to manually remove this program