FacebookTwitterLinkedIn

Abu Dhabi Police GHQ Virus

Also Known As: Abu Dhabi Police Ransomware
Type: Ransomware
Damage level: Severe

Tomas Meskauskas Written by on (updated)

Abu Dhabi Police GHQ virus removal guide

The Abu Dhabi Police GHQ message blocks computer users' screens demanding payment of a $100 (500 AED or 100 Euro) fine using cashU. This is a scam, a ransomware virus created by cyber criminals with the purpose of tricking unsuspecting PC users from the United Arab Emirates into paying a fake fine for alleged law violations.

The deceptive message displayed by this ransomware states that a fine must be paid for watching pornography or using and distributing copyrighted content such as videos, music, software, etc. No international authorities including the Abu Dhabi Police GHQ use computer screen blocking messages to collect fines for any law violations.

Paying this $100 fine is equivalent to sending money to cyber criminals. This particular ransomware virus originates from a family called Urausy and targets PC users from the United Arab Emirates. Note that rogue messages such as these are localized, so that PC users from different countries observe variants of the same message.

Abu Dhabi Police GHQ virus

Ransomware viruses are capable of determining the location of PCs they infiltrate by detecting the system's IP address. These messages are thus presented as if sent by local authorities and translated into the local language. For example, PC users from the USA see this message as if sent by the FBI Cybercrime Division, and computer users from Australia, as if sent from the Australian Federal Police.

A variant of this ransomware virus:

Abu Dhabi Police virus

PC users from the United Arab Emirates should be aware that Abu Dhabi Police GHQ do not send this type of message. It is a scam and should not be trusted. Commonly, ransomware viruses from the Urausy family are proliferated using exploit kits, which are capable of infiltrating users' PCs through detected security vulnerabilities.

The best way to protect your operating system from deceptive screen locking messages is by using legitimate antivirus and anti-spyware software.

Note that keeping your operating system and installed software (Java, Flash, etc.) up-to-date also greatly reduces the risk of infection with ransomware and other malware. If your PC is already infected with the Abu Dhabi Police GHQ virus, use the removal instructions provided to eliminate this scam from your computer.

Abu Dhabi Police GHQ virus removal:

Step 1

Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Step 2

Log in to the account infected with Abu Dhabi Police GHQ virus. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove the entries detected.


If you cannot start your computer in Safe Mode with Networking, try performing a System Restore.

Video showing how to remove a ransomware virus using "Safe Mode with Command Prompt" and "System Restore":

1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.

Boot your computer in Safe Mode with Command Prompt

2. When Command Prompt Mode loads, enter the following line: cd restore and press ENTER.

system restore using command prompt type cd restore

3. Next, type this line: rstrui.exe and press ENTER.

system restore using command prompt rstrui.exe

4. In the opened window click "Next".

restore system files and settings

5. Select one of the available Restore Points and click "Next" (this will restore your computer system to an earlier time and date, prior to the ransomware infiltrating your PC).

select a restore point

6. In the opened window click "Yes".

run system restore

7. After restoring your computer to a previous date, download and scan your PC with recommended malware removal software to eliminate any remnants of the Abu Dhabi Police GHQ virus.

If you cannot start your computer in Safe Mode with Networking (or with Command Prompt), boot your computer using a rescue disk. Some variants of ransomware disable Safe Mode, making its removal difficult. For this step, you require access to another computer.

After removing the Abu Dhabi Police GHQ virus from your PC, restart your computer and scan it with legitimate antispyware software to remove any possible remnants of this security infection.

Other tools known to remove the Abu Dhabi Police GHQ virus:

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

How to prevent against infection
New Removal Guides
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Top Removal Guides
QR Code
Abu Dhabi Police Ransomware QR code
Scan this QR code to have an easy access removal guide of Abu Dhabi Police Ransomware on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.