Polisen Enheten for databrott virus is another ransomware, which is set to attack Norwegian-speaking PC users. It starts its activity as soon as it attacks the system with a help of malicious Trojan horse. Typically to other Ukash parasites, it blocks down the system and covers the entire PC's desktop with a huge alert that is filled with various tricky details, like victim's IP address and location. Don't be surprised after discovering that this fake notification poses as an official alert from some law enforcement agency and claims that you are caught by it for your illegal Internet activities. In reality, Polisen Enheten for databrott is a huge scam that can be safely ignored. You won't be capable to get on the Internet and launch security software when infected with it. For that, you will have to rely on the guide given below.
HOW CAN I GET INFECTED WITH Polisen Enheten for databrott virus?
Polisen Enheten for databrott virus is spread by trojan horse, which gets inside the system via security vulnerabilities found. This trojan typically hides in illegal or hacked sites, freeware, shareware and spam, so stay away from all these things if you want to avoid the threat. As soon as this trojan infiltrates the PC, it locks the whole system down and downloads malware's files that additionally cause the fake alert on user's desktop. Here is this forged notification that must be avoided:
Polisen Enheten for databrott
Detta operativsystem är blockerad på grund av brott mot svensk lag. Fastställt följande brott:
Din IP-adress (removed). Med denna IP-adress var besökta webbplatser som innehåller pornografi, barnpornografi, tidelag, och våld mot barn. Videofiler som innehåller pornografi, våld och inslag av barnpornografi har installerats på dator! Dessutom skickades e-postmeddelanden i form av spam, som innehåller terrorist motiv från din epost adress.
Datorn har blockerats för att stoppa din olaglig verksamhet.
För att låsa upp datorn, du måste betala böter på 100 euro.
You must realize that this alert is only used by internet criminals to scare people into paying a non-existing fine via Ukash, Paysafecard or other prepayment system. Instead of doing that, follow this guide:
HOW TO REMOVE Polisen Enheten for databrott virus?
If your PC is infected with Polisen Enheten for databrott virus or other ransomware from Ukash group, you have to remove malicious files from the system as soon as possible. Sometimes users can't launch their anti-spywares and have to unblock their PCs at first. For that, you can follow these steps: (Note that if you use Windows 8, you may also need this guide: How to start Safe Mode on Windows 8)
Flash drive method:
1. Take another machine and use it to download SpyHunter or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Polisen Enheten for databrott virus once more and run a full system scan.
* Users infected with Polisen Enheten for databrott virus are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Polisen Enheten for databrott virus removal:
- Reboot you infected PC to 'Safe mode with command prompt' to disable thisI virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated SpyHunter to remove remaining files.