Latest version of "Police / Justice Department ransomware" virus, detected on our computer labs at 20/06/2013. As previous versions, the virus lock infected computer and scares computer users that their computer is locked because they violate “Copyright and Related laws” or because they “Distribute Prohibited or Pornographic content” asking them to pay a fee of 200$ (or more) Dollars or Euros to unlock their computer, otherwise the justice or police department comes against them.
As before versions of ransomware virus, the fake warning message seems real because displays your location, your IP Address and your own photo (or video) captured by your webcam.
The infection is caused when the user browses infected internet sites, opens malicious links or mails, or by downloading and installing malicious software on their computer.
The latest version of ransomware virus cannot be removed using the “Safe Mode with Command prompt” method or by booting Windows in “Safe Mode With Command Prompt & System Restore” method, as described at the following older articles: (especially in computers running Windows XP OS)
Previous methods for "Police Virus (Your PC is blocked) removal:
FBI Virus removal Method 1: Safe Mode With Command Prompt.
FBI Virus removal Method 2: Safe Mode With Command Prompt & System Restore
If you want to remove any version of “Police or Justice Department Ransomware virus”, follow the steps below:
How to disinfect and unblock your computer from any version of:
“Police or Justice Department Ransomware virus”:
Step 1. Download and burn “Hiren’s BootCD” into an optical disk.
1. From another computer download “Hiren’s BootCD” .
( Hiren’s BootCD Download page: http://www.hirensbootcd.org/download/
Scroll page down and click on “Hirens.BootCD.15.2.zip” )
2. Right click on “Hirens.BootCD.15.2.zip” file and extract it.
3. From inside “Hirens.BootCD.15.2” folder, find the “Hiren's.BootCD.15.2.ISO” disc Image file and burn it to a CD.
Step 2. Download RogueKiller.
1. From the same (clean) computer download and save "RogueKiller" utility into a USB flash drive.
Notice*: Download version x86 or X64 according the infected operating system’s version if you remember it, otherwise download both versions to your USB flash drive.
Step 3: Boot the infected computer with Hirens.BootCD.
1. Take the CD out from the clean computer and insert it on the infected ‘s computer CDROM drive.
2. Restart (Reset) infected computer and boot from CD/DVD drive (Hiren’s CD).*
Notice*: First make sure that CD/DVD Drive is selected as first boot device from inside BIOS.
3. When the "Hiren’s BootCD” menu appears on your screen, use your keyboard arrows keys to move into the “Mini Windows Xp” option and then press "ENTER"
Step 4. Clean malicious entries (items) from you computer with RogueKiller.
1. Plug the USB drive into the affected computer.
2. From inside “Mini Windows XP” environment, open Windows explorer and from USB drive, find & double click to run RogueKiller.
3. Let the prescan to complete and then press on "Scan" button to perform a full scan.
4. When the full scan is completed, press the "Delete" button to remove all malicious items found from Disk C:\..
5. Close “Rogue Killer” and remove Hiren’s Boot CD from CD/DVD drive.
6. Restart infected computer (normally you should to log on to Windows without lock problems).
7. From inside Windows run “Rogue Killer” again to repeat the scan / cleaning procedure and make sure that all malicious entries are gone. If malicious entries are found delete them immediately.
8. Restart your computer and continue to the next step.
Step 5. Clean your computer from remaining malicious threats.
Download and install one of the most reliable FREE anti malware programs today to clean your computer from remaining malicious threats. If you want to stay constantly protected from malware threats, existing and future ones, we recommend that you install Malwarebytes Anti-Malware PRO:
1. Run "Malwarebytes Anti-Malware" and allow the program to update to it's latest version and malicious database if needed.
2. When the "Malwarebytes Anti-Malware" main window appears on your screen, choose the default scanning option:
"Perform quick scan" and then choose "Scan" and let the program scan your system for threats.
3. When the scanning is completed, press “OK” to close the information message and then press the "Show results" button to view and remove the malicious threats found.
4. At the "Show Results" window check – using your mouse's left button- all the infected objects and then choose the "Remove Selected" option and let the program remove the selected threats.
5. When the removal of infected objects process is complete, "Restart your system to remove all active threats properly"
6. Continue to the next step.
Advice: To ensure your computer is clean and safe, perform a Malwarebytes’ Anti-Malware full scan in windows “Safe mode“.*
*To get into Windows Safe mode, press the “F8” key as your computer is booting up, before the appearance of the Windows logo. When the “Windows Advanced Options Menu” appears on your screen, use your keyboard arrows keys to move to the Safe Mode option and then press “ENTER“.
Step 6. Clean unwanted files and entries.
Use “CCleaner” program and proceed to clean your system from temporary internet files and invalid registry entries.*
*If you don’t how to install and use “CCleaner”, read these instructions.