Policijos virusas is a seriously dangerous virus, which belongs to 'ransomware' category. At the moment of writing, it actively spreads in Lithuania, but there is no guarantee that hackers won't try to expand its distribution. Once it infiltrates computer, Policijos virusas locks down the entire PC system and starts showing its fake message that covers entire computer's screen. Just like other ransomware threats, this cyber infection blocks Internet connection and other programs that could help remove it from the system. Basically, this program seeks to convince its victims that they were blocked by a local Police Department for various law violations and have to pay a fine of 300 LTL. Please, never do that because you will lose your money.
How can Policijos virusas infect my computer?
Policijos virusas is mostly spread by trojan horse, which is known as Trojan.RansomLock. This trojan is hidden in various places, such as illegal websites, unlicensed programs, trustworthy-looking emails and similar. Of course, the easiest way to avoid such viruses is to install reputable anti-malware. However, you should also stay away from malicious websites and ignore those emails that belong to unknown senders. If this trojan infiltrates computer, it immediately downloads malicious files that belong to Policijos virusas. After that, victim starts seeing a fake warning, which asks to pay a fine for the use of illegal programs, distribution of viruses, the use of pornographic material and similar invented violations. Please, ignore such alert and remove Policijos virusas from the system.
How to remove Policijos virusas?
If you think that Policijos virusas has infected your computer, you should waste no time and scan it with updated anti-spyware. Remember, no matter that this virus promises that your payment will unblock computer, it's not true. For that, you should scan it with Reimage or Malwarebytes MalwarebytesCombo Cleaner. If you can't reach the Internet because this virus blocks you, follow these instructions:
* Flash drive method:
1. Take another machine and use it to download Reimage or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Ukash virus once more and run a full system scan.
* Users infected with such viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual virus removal:
- Reboot you infected PC to 'Safe mode with command prompt' to disable Ukash virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Reimage to remove remaining virus files.