FacebookTwitterLinkedIn

Federal Department of Justice and Police Virus

Also Known As: Federal Department of Justice Ransomware
Damage level: Severe

Federal Department of Justice and Police virus - how to unlock your computer?

What is Federal Department of Justice and Police?

The Federal Department of Justice and Police "Achtung! Ein Vorgang illegaler Aktivitaten wurde erkannt" message is a scam that blocks computer users' screens, demanding payment of a bogus 150 CHF fine for allegedly watching and distributing pornography. This message appears as if sent from Schweizerische Eidgenossenschaft Conferation Suisse Confederazione Svizzera Confederaziun svizra, whilst in fact Swiss authorities have no connection with this deceptive message. This is a ransomware infection which attempts to scare unsuspecting PC users into paying a bogus fine. This screen locker originates from a family of ransomware called Adneukine and targets PC users predominantly from Switzerland.

Federal Department of Justice and Police Virus

This fake message is one of many variants created by cyber criminals. Other known variants target different countries and exploit the names and graphics of local authorities. For example, this particular ransomware infection on a computer located in Germany would appear in German as if being sent by GVU. This localization is achieved by the ransomware's ability to identify computer IP addresses. Whatever variant that appears, you should not pay any fines in order to unblock your computer - it is a scam. No international authorities, including Switzerland's police, use messages which lock users' systems in order to collect fines for any law violations.

Federal Department of Justice and Police ransomware is distributed by exploiting security vulnerabilities within users' computers. Cyber criminals exploit Flash, Java, and other software security holes, thus infiltrating personal computers with malicious code capable of downloading and executing this type of ransomware infection. Do not pay the fine as demanded by the message - you will send your money to cyber criminals and your computer will remain infected. The best way to deal with this ransomware infection is to eliminate it from your computer.

A fake message displayed by the Federal Department of Justice and Police virus:

Achtung! Ein Vorgang illegaler Aktivitaten wurde erkannt. Das Betriebssystem wurde im Zusammenhang mit Verstell en gegen die Gesetze der Schweiz gesperrt! Es wurde folgender Verstell festgestellt: Ihre IP Adresse lautet mit dieser IP wurden Seiten mit pornographischen Inhalten, Kinderpornographie, Sodomie und Gewalt gegen Kinder aufgerufen Auf Ihrem Computer wurden ebenfalls Videodateien mit pornographischen Inhalten, Elementen von Gewalt und Kinderpornografie festgekeilt! Es wurden auch Emails in Form von Spam, mit terroristischen Hintergrunden, verschickt. Diese Sperre des Computers dient dazu, Aktivitaten zu unterbinden. Um die Sperre des Computers aufzuheben, sind Sie dazu verdichtet eine Strafe von CHF 150 zu zahlen. Die Zahlung ist innerhalb von 24 Stunden zu leisten. Suite der Eingang der Zahlung in der vorgegebenen Zeit nicht erfolgen, so wird Ihre Festplatte unwiderruflich formatiert (gelöscht). Die Zahlung per Paysafecard begleichen: Dazu geben Sie bitte den erworbenen Code in das Zahlungsfeld ein und drücken Sie anschliessend auf OK (haben Sie mehrere Codes, so geben Sie Diese einfach nacheinander ein und drücken Sie anschiessend auf OK) Paysafecard via SMS auf dein Handy! Mit der neuen SMS Funktion Kannst du sehne], Spontan und bequem Deine paysafecard kaufen! Egal welcher Tarif - Egal welches Angebot -ob Prepaid Handy oder Handy mit Abo -Vertrag-paysafecard funktioniert Auf alen Mobilfunkgeraten, De SMS empfangen oder versenden können.

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

Federal Department of Justice and Police virus removal:

Step 1

Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.

alt

Video showing how to start Windows 7 in "Safe Mode with Networking":

Step 2

Log in to the account infected with the Federal Department of Justice and Police virus. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all entries detected.


After completing these steps your computer should be clean. Reboot your computer in Normal Mode.

Alternative Federal Department of Justice and Police virus removal guide:

If this ransomware blocks your screen when you start your computer in Safe Mode with Networking, try starting your PC in Safe Mode with Command Prompt.

1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.

win 7 safe mode with command prompt

2. In the opened Command Prompt, type explorer and press Enter. This command will open the Explorer window - do not close it and continue to the next step.

3. In the Command Prompt, type regedit and press Enter. This will open the Registry Editor window.

4. In the Registry Editor window, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

registy editor winlogon

5. In the right side of the window, locate "Shell" and right click on it. Click on Modify. The default value in the Data column is Explorer.exe - if you see something else displayed in this window, remove it and type Explorer.exe (take a note of whatever else was displayed in the Data column - this is the path of the rogue execution file). Use this information to navigate to the rogue executable and remove it.

6. Restart your computer, download and install legitimate anti-spyware software and perform a full system scan to eliminate any remnants of Federal Department of Justice and Police virus.

If you cannot start your computer in Safe Mode with Networking (or with Command Prompt), boot your computer using a rescue disk. Some variants of ransomware disable Safe Mode, making its removal more complicated. For this step, you need access to another computer. After removing the Federal Department of Justice and Police virus from your PC, restart your computer and scan it with legitimate antispyware software to remove any possible remnants of this security infection.

Other tools known to remove the Federal Department of Justice and Police virus:

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
Federal Department of Justice Ransomware QR code
Scan this QR code to have an easy access removal guide of Federal Department of Justice Ransomware on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.