Politie Virus is a dangerous cyber threat, a screen locker, that seeks to make users pay the invented fine for their 'illegal' crimes. This threat is designed for Netherlands, so it uses this country's language. Note that there are many other Politie Virus versions (such as Buma Stemra Politie virus) that all belong to a widely-known group of ransomwares, which called Ukash. As soon as they get inside the system, they take over the whole computer's system and lock it down with their misleading alert, which includes the names of governmental organizations, shows victim's IP address and gives the misleading information. It claims something like that: 'Uw computer is vergrendeld'. Instead of falling for Politie Virus or other Ukash virus, keep in mind that they have nothing to do with Netherlands police and must be ignored. You must remove Politie Virus as soon as you start seeing its misleading alert.
HOW CAN I GET INFECTED WITH Politie Virus?
Politie Virus is distributed by trojan horse that takes an advantage of every security vulnerability it finds. Typically, it comes inside the PC together with freeware, shareware, spam emails and other files that have been infected with this trojan. Once inside and active, it starts its activity with this fake alert claiming 'Uw computer is vergrendeld. Illegaal gedownloade muziek stukken'. Typically, to other Ukash threats, it uses the language of the victim (Netherlands in this case) in order to make the user think that he truly has a deal with a local governmental authority. By blocking its victims from getting online and reaching their files, this scam seeks make them pay the fine. We highly recommend not to pay those 50 euros because this won't help you to unlock your machine. If you need the help in this, continue reading the post.
HOW CAN I REMOVE POLITIE VIRUS?
When trying to remove Politie virus, you may find that you are blocked from getting on the Internet and that's the most important thing because you won't be capapble to download anti-malware program and remove infected files from the system. However, if you have the Internet connection on your computer, download Malwarebytes or Reimage that will remove infected files from your computer.If you are blocked, follow these options:
* Flash drive method:
1. Take another machine and use it to download Malwarebytes or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Ukash virus once more and run a full system scan.
* Users infected with Ukash viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Ukash virus removal (special skills needed!):
- Reboot you infected PC to 'Safe mode with command prompt' to disable Ukash virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Malwarebytes to remove remaining virus files.