Police virus has been aggressively spreading around and actively infecting computer users since the end of 2011. If you have also been attacked by this dangerous infection, you will definitely know how malicious this virus is: it not only displays a large alert, which pretends to be from a legitimate organization, but has also been reported to lock its target computers down. This virus claims that the user has been involved into distribution of pornographic material or other copyrighted content, and now, in order to access his desktop and applications, he must first pay a fine. Categorized as ransomware, Police virus has many versions that have all been used for the same aim – to make users pay a ‘fine’ in the form of Ukash, Moneypak or PaySafeCard voucher. However, none of them should be purchased because they fail to unlock computers and remove Police virus from the system.
WHAT ARE THE TYPES OF POLICE VIRUS?
There have been released many different forms of Police virus: you must have heard about IPA virus, PCeU virus, FBI virus, Metropolitan virus, PRS For music Metropolitan Police, Canadian Security Intelligence Service and many others. The latest police virus versions are Metropolitan Police Total Policing, EU Police virus and Virus Bundespolizei that are also targeted at people who could pay a fine for their ‘illegal’ activity. While we haven’t found that these programs are capable to steal your personal information or remove your important data from the target PC, it’s almost impossible to ignore Police virus because of its scary message, which locks computer’s desktop completely. Basically, user is disabled from getting online, reaching Task manager or any other application on his computer.
HOW CAN I GET INFECTED WITH POLICE VIRUS?
Note that Police virus is spread via hacked websites that contain malicious scripts and use security vulnerabilities found on the computer. You can also get infected with this ransomware after opening a spam email, downloading fake video/audio codec, torrent file and other downloads. That’s why it’s highly recommendedmaking sure that your installed security applications are up-to-date, and you are always following safe browsing practices.
HOW CAN I REMOVE POLICE VIRUS?
As you must have already realized, you must unblock your computer first in order to remove Police virus from the system. If you have been infected with this threat, remove the lock from your computer by following these steps:
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Police virus/ransomware once more and run a full system scan.
* Users infected with any of Police viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select ‘Deny’: http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Police virus removal (special skills needed!):
- Reboot you infected PC to ‘Safe mode with command prompt’ to disable Police virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Reimage to remove remaining files.