Confédération Suisse Ransomware

The Confédération Suisse Ransomware is a police Winlocker that criminals use to trick computer users into paying a fake police fine. Confédération Suisse Ransomware targets computers with an IP address located in Switzerland. To do this, the Confédération Suisse Ransomware uses a threatening message that appears to come from the Swiss police force. Confédération Suisse Ransomware also includes fake logos for Swiss organizations and uses a threatening message written in German and targeted directly to a Swiss audience. The Confédération Suisse Ransomware is part of a well known scam that consists of displaying a threatening message on the victim's computer in order to convince the victim to send money to the police ransomware developers. The sternly worded message lists infractions such as viewing child pornography or dealing with illegally copied software and then threatens the victim with jail time unless a substantial fine is paid using an online money transfer service. ESG malware researchers advise computer users to ignore the Confédération Suisse Ransomware message and treat this threat as any other malware infection.

To take over your computer, the Confédération Suisse Ransomware Winlocker uses malicious components that block access to the Windows Desktop, files, Start Menu, Task Manager and other critically important components. Once the victim is locked out from their own computer, the Confédération Suisse Ransomware displays a full screen message threatening the victim with police action. Vicious variants of Confédération Suisse Ransomware can even block system restore and Safe Mode, making it nearly impossible to control the infected computer without the help of an external drive or boot disk.

The main difficulty involved in a Confédération Suisse Ransomware is bypassing the Winlocker in order to run your security software. Safe Mode is usually the first alternative, preferably with a Command Prompt in order to gain access to the Windows Registry Editor directly. ESG security researchers advise using an alternate boot method is Safe Mode fails to bypass the Confédération Suisse Ransomware. Once you have access to your desktop, a strong anti-malware program should take care of the Confédération Suisse Ransomware by removing its associated files and reverting the harmful changes Confédération Suisse Ransomware makes to the Windows Registry.