My Bitdefender
  • 0 Shopping Cart


Bitdefender Tech Assist

Makes things work smoothly. Tech Assist saves you time and energy
and lets you enjoy your computer to the max.

How to remove the “Police-themed” Ransomware

Author: Ioana Bistriceanu



The “Police-themed” ransomware has started making a lot of victims among computer users. When you are infected with this virus, the screen will display a “warning message” about illegal activities that have been undertaken on your computer. The message is of course fake and only shows you that the PC is infected.

How did it get on your system?

Most likely it happened when you accessed a website containing malicious scripts. These can be hidden under the form of:

  • A browser plug-in or extension (typically a toolbar)
  • A multimedia codec required to play a certain video clip
  • Software shared on peer-to-peer networks
  • A free online malware scanning service

The infection will take over the computer within moments. At the next restart, you will notice you are unable to access Windows unless you pay a “ransom”.

There are 2 ways to remove the virus: Use Safe Mode with Networking and disinfect your computer with the Bitdefender Ransomware Removal tool.

  1. Restart the computer in Safe Mode with Networking. If don't know how, please go to the instructions below this video and read the chapter How to restart the computer in Safe Mode with Networkng,
  2. Open your favorite internet browser.
  3. Navigate to the this webpage and download the Bitdefender Ransomware Removal tool:
  4. http://download.bitdefender.com/removal_tools/BDRemoval_Trojan_Ransom_IcePol.exe
  5. Save the file called BDRemoval_Trojan_Ransom_IcePol.exe, to a location of your choice, then run the file by right clicking on it and selecting “Run as administrator”.
  6. Once the Removal Tool opens up click the Start Scan button.
  7. It will start a scanning process which might take a several moments. Once it is complete Bitdefender will display a message informing you that the removal process is complete. When you close this small window the main interface of the removal tool will show how many items were scanned, which items were infected and have been cleaned.

After you complete this process, restart the computer and let it boot up normally. At this point the ransomware infection should be removed and you will be able to regain full control of your computer.

Simply log into your normal user account and run a System Scan with Bitdefender, to ensure that there are no other infected files left on the computer.

These steps apply for infections that will allow you to access the system in Safe Mode with Networking. In case the infection locks the screen in Safe Mode with Networking, you will need to use the second removal method.

Download the Bitdefender Removal Tool onto another computer, then transfer it and run it on the infected system in Safe Mode with Command Prompt. In case you need help for this, please read the chapter Restart the system in Safe Mode with Command Prompt in the instructions posted below this video.

In this diagnostic mode of Windows, the Windows Explorer will not load and it will only display the Command Prompt Window as shown below:

In Command Prompt, after the line C:\Windows\system32>, type explorer.exe and then press Enter to start Windows Explorer.

Please note that in diagnosting mode the system will have limited functionality, and the internet connection won't work.

This is why you will need to access the link for the Bitdefender Ransomware Removal tool from a different computer, and then transfer it to a removable device, for instance a USB memory device.

In order to download the Bitdefender Removal Tool and transfer it to a USB memory device, follow the next steps:

  1. Connect the USB device to a clean computer.
  2. Open your favorite internet browser
  3. Navigate to the following webpage and download the Bitdefender Ransomware Removal tool:
  4. http://download.bitdefender.com/removal_tools/BDRemoval_Trojan_Ransom_IcePol.exe
  5. Save the file named BDRemoval_Trojan_Ransom_IcePol.exe to a location of your choice.
  6. After the download is complete locate the file, right click on it and select Copy.
  7. Browse to the USB device, open it, right click inside the window and select Paste. The file will now be pasted inside the USB device.
  8. To safely remove the USB device from your system, right click on the device shown in Computer/MyComputer and select Eject.

At this point the Bitdefender Ransomware Removal tool is stored on the USB device. Connect the USB device to the infected computer that is in Safe Mode with Command Prompt, then browse to the drive location in Computer/MyComputer. Double click on it to open it and locate the Bitdefender Removal tool.

To start the removal process, follow the next steps:

  1. Run the Bitdefender Removal Tool by right clicking on it and selecting “Run as administrator”.
  2. Once the Removal Tool opens up click the Start Scan button.
  3. It will start a scanning process, which might take a several moments. Once it is complete Bitdefender will display a message informing you that the removal process is complete. When you close the small window, the removal tool lets you know how many items have been scanned, which were the infected items detected and cleaned.

The removal tool will complete the scanning process and remove the infection automatically. Once it finsishes the ransomware infection should be completely removed.

Restart your computer normally and let it boot up in Normal Mode. You should be able to access your user account and access the desktop properly.

In order to ensure that the system is 100% clean, start a System Scan with Bitdefender and allow it the necessary time to fully complete and remove any other potential infections.

We have presented for you 2 methods that will help you remove “Police-themed” ransomware infections. But there are cases when the infection will lock the screen in both Safe Mode with Networking and Safe Mode with Command Prompt. These are new versions of the infection that usually come together with other forms of malware, sometimes much more aggressive.

If this is the case, we strongly recommend that you contact specialized assistance such as your local computer shop or a Tech Assist expert.

When your PC is acting up, call Bitdefender Tech Assist. We are a team of computer experts, always available to give full personal attention to your PC needs. Tech Assist is available 24/7. Just select the service that fits your needs, and our tech geniuses will do all the work via an ultra-secure remote connection. We save you time and energy so you can focus on what's really important for you.


How to restart the system in Safe Mode with Networking using Windows XP, Vista, Windows 7:

  1. Restart the computer;
  2. Press the F8 key several times before Microsoft Windows begins to load; tap the F8 key in 1 second intervals until a text menu will be displayed (the Advanced boot options);
  3. Use the arrows from the keyboard to scroll to "Safe Mode with Networking” and press the Enter key to select it. An example on how Advanced Boot Options with Safe Mode with Networking Selected is displayed below:
  4. Once you have selected Safe Mode with Networking and pressed Enter the computer will boot up into the diagnostic mode.

How to restart the system in Advanced Options - Safe Mode with Networking using Windows 8

  1. Press the Windows key from your keyboard + the C key
  2. A new menu will be displayed in the right part of the screen and from that menu click Settings.
  3. Click Power, hold down Shift on your keyboard and click Restart.
  4. Click Troubleshoot.
  5. Click Advanced options.
  6. Click Startup Settings.
  7. Click Restart.
  8. Press 5 on your keyboard to Enable Safe Mode with Networking. Windows will now start in Safe Mode with Networking.

For more details on how to restart your computer in Safe Mode with Networking for Windows 8, please follow the link below:

http://windows.microsoft.com/en-us/windows-8/windows-startup-settings-including-safe-mode

How to restart the system in Safe Mode with Command Prompt

  1. Restart the computer;
  2. Press the F8 key several times before Microsoft Windows begins to load; tap the F8 key in 1 second intervals until a text menu will be displayed(the Advanced boot options);
  3. Use the arrows from the keyboard to scroll to "Safe Mode with Command Prompt” and press the Enter key to select it. An example on how Advanced Boot Options with Safe Mode with Command Prompt Selected is displayed below:
  4. Once you have selected Safe Mode with Command Prompt and pressed Enter the computer will boot up into the diagnostic mode.