Polisen virus is a fake program, which pretends to belong for an official authority but in reality belongs for a malicious group of viruses. This dangerous group is called 'Ukash' and should be avoided because it seeks only to rip its victims off. Polisen virus is mostly spread in Sweden but you can also get infected with this threat in other countries, that use or understand this language. Besides, you should NOT forget that this ransomware has numerous versions that all apply the same malicious techniques based on a fake alert that uses user's local language (you must have heard about Den Svenska Polisen It-sakerhet Ukash threat). The main reason why scammers have invented Polisen virus is, of course, the money. As soon as it gets inside the system, it locks victim's desktop and displays an alert, which includes Swedish law terms and claims that user has violated various laws. Instead of falling for this seemingly-legitimate alert, you should ignore this notification and remove Polisen virus as soon as possible.
HOW CAN I GET INFECTED WITH POLISEN VIRUS?
There is a huge chance you can get infected with Polisen virus. Typically, this scamware relies on a trojan horse, that hides inside freeware, shareware and other infected downloads. Besides, it can easily get inside after you click on the attachment send through the spam email. Once inside and active, it configures the system and makes itself active every time computer starts. As a result, you can't do anything on your computer and see only a huge alert that belongs for the ransomware. As you can see, this virus is genius in misleading its victims that their online activities have violated various laws and now they have to pay the fine in order to unlock the PC. Instead of paying those 50 euros, you must remove Polisen virus.
HOW CAN I REMOVE POLISEN VIRUS?
If you have been infected by Polisen virus, you must run a full system scan with reputable anti-malware program to fix your computer. However, you may find that you are blocked from getting on the Internet. In order to avoid this issue, follow these options:
* Flash drive method:
1. Take another machine and use it to download Reimage or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Ukash virus once more and run a full system scan.
* Users infected with Ukash viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Ukash virus removal (special skills needed!):
- Reboot you infected PC to 'Safe mode with command prompt' to disable Ukash virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Reimage to remove remaining virus files.