The Police virus is a term for dangerous cryptoviruses and malware categorized as ransomware that restricts access to computer systems and mobile devices that it infects by using a full screen page or internet browser window that fraudulently claims to be from the Police (relating to geographical location). The screen or browser window usually states that the computer was used illegally, and therefor the owner must pay a fine using Ukash vouchers, MoneyPak cards, and other online currency services. The Police virus and other forms of ransomware are dangerous computer viruses that are not associated with the actual Police or government which it claims to derive from. Paying the penalty fine will not remove the Police virus and may actually cause further complications. The police virus may also encrypt personal files on a computer system and hold them for ransom.

There are many forms of Police viruses that relate to specific geographical locations, for instance a popular virus is the Police Central e-crime unit virus that infiltrates computer systems in European countries disguised as the Metropolitan police and other policing departments and is part of the reveton and Weelsof family of ransomware.

Common Police viruses (Ransomware)

• Malta Police virus
• Australian Police virus
• Canadian Police virus
• Interpol virus
• UK Police virus
• International Police Association virus

Police viruses and ransomware such as the FBI virus we discovered in 2012, are especially dangerous and considered a severe-form of malware because of actions that can take place and tactics used to defraud individuals. Police viruses make claims that may seem realistic, though some claims made by the computer virus are outlandish. The lock-screen pages displayed and promoted by Police viruses often represent the template of the actual organization or department. The details described on the fake Police virus lock-screen page often claim that the computer was used illegally, including the download and distribution of illegal content, such as general media related content that violates Copyright Laws, child pornography, zoophillia, and more. The Police virus may also claim that the computer was neglected. Generic content found on common police virus screen-lock windows is detailed below and will vary per  country and infection:

Your computer has been locked!

Technical details:
Involved IP address: 
Involved host name: <computer 's host name>
Source or intermediary sites:

You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article 128 of the Criminal Code of Great Britain.

Article 208 of the Criminal Code provides for a fine up to E 100,000 and/or a deprivation of liberty for four to nine years.

How does the Police virus infect a computer?

The Police virus and other forms of ransomware infiltrate computer systems by utilizing specific trojan horses and exploit kits. The malicious payloads that may initiate a computer to become infected with Police ransomware are often hidden in email attachments, compromised websites, and can be obtained by visiting drive-by-download websites. Furthermore, the Police virus can be contracted by downloading free items online including freeware, shareware, codecs, and torrents.

How to remove Police virus (Removal Instructions)

1. Download and install the free or full version of Malwarebytes Anti-Malware.

2. Open Malwarebytes Anti-Malware.

3. Click the large Scan Now button or visit the “Scan” tab to scan your computer for Police virus malware and malicious files.

4. Once the scan is complete, click the Quarantine All button to remove the files and restart your computer.

User accounts

Ransomware usually infects 1 user account on Windows systems at a time. Here are some tips to remove ransomware by using different user accounts.

1. Log into an account not affected by malware (with administrative rights) and perform a scan with reputable software to detect and remove malware.
2. You can also delete the infected account.
3. Other options include creating a new user account to remove malware if only 1 Window’s user account is present on the computer system.

Internet/network issues

Safe Mode With Networking can be used to access the Internet for updates, drivers, removal software, or other files if internet and network connectivity is compromised.