Strathclyde Police Virus
Also Known As: Strachclyde Police Ransomware, Type: Ransomware, Distribution: Moderate
Damage level: Severe
Written by Tomas Meskauskas on
Strathclyde Police virus - how to remove it and unlock your PC?
What is Strathclyde Police?
Strathclyde Police computer screen locker is a ransomware PC infection created by Cyber criminals. Like its previous versions, this screen locker is developed with the sole purpose of tricking unsuspecting PC users into paying a bogus fine for watching pornography, etc. Do not pay this fine, it is a scam. If you pay this fine you will send your money to Cyber criminals and your computer will remain blocked. Internet criminals who designed this scam have slightly changed the design and deceptive message.
Whilst most other ransomware infections threaten a Criminal Code 'deprivation of liberty' for the supposed law infringement, the Strathclyde Police ransomware states that if you ignore the message, the supposedly illegal material, plus all information stored on your PC, could be removed. Do not trust this message, it is a scam. No authority, including the Strathclyde Police, collect fines using screen lockers. It is relatively easy to identify that this message is fake, since by reading the deceptive text, there are many grammar and style mistakes.
Strathclyde Police ransomware is distributed using Trojans and drive-by downloads. Cyber criminals use malicious websites to proliferate their screen lockers. If your PC is infected with this type of ransomware, you will be unable to access your desktop, and the best way of dealing with the message is to eliminate it from your computer. Follow the steps in this removal guide to remove the Strathclyde Police scam from your PC.
A fake message shown by the Strathclyde Police ransomware:
Strathclyde Police. Metropolitan Police. New Scotland Yard.
Attention!!! The process of illegal activity is detected. According to UK law and Metropolitan Police Service and Strathclyde Police investigation your computer is locked! The following violation is detected: your IP-address ... Forbidden websites containing pornography, child pornography, Sodomy and called violence against children on, violent material toward people were visited from this IP-address!
Moreover and e-mail spam was sent you're your computer, e-mails containing terrorist materials. This locking serves to stop your illegal activity.
To release a lock your computer you should pay the fine in amount of 100 pounds. In the case of ignoring the payment, the program will remove illegal materials while keeping your personal information is not guaranteed.
You could pay the forfeit in two ways:
1. Paying through Ukash
2. Paying through paysafecard
- What is Strathclyde Police?
- STEP 1. "Strathclyde Police" virus removal using safe mode with networking.
- STEP 2. "Strathclyde Police" ransomware removal using safe mode with command prompt.
Strathclyde Police virus removal:
Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.
Video showing how to start Windows 7 in "Safe Mode with Networking":
Log in to the account infected with Strathclyde Police ransomware. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all entries detected.
After completing these steps, your computer should be clean. Reboot your computer in Normal Mode.
Alternative Strathclyde Police ransomware removal guide:
If this ransomware blocks your screen when you start your computer in Safe Mode with Networking, try starting your PC in Safe Mode with Command Prompt.
1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.
2. In the opened Command Prompt, type explorer and press Enter. This command will open the Explorer window - do not close it and continue to the next step.
3. In the Command Prompt, type regedit and press Enter. This will open the Registry Editor window.
4. In the Registry Editor window, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
5. In the right side of the window, locate "Shell" and right click on it. Click on Modify. The default value in the Data column is Explorer.exe - if you see something else displayed in this window, remove it and type Explorer.exe (take a note of whatever else was displayed in the Data column - this is the path of the rogue execution file). Use this information to navigate to the rogue executable and remove it.
6. Restart your computer, download and install legitimate anti-spyware software and perform a full system scan to eliminate any remnants of Strathclyde Police ransomware.
If you cannot start your computer in Safe Mode with Networking (or with Command Prompt), boot your computer using a rescue disk. Some variants of ransomware disable Safe Mode, making its removal more complicated. For this step, you need access to another computer. After removing Strathclyde Police ransomware from your PC, restart your computer and scan it with legitimate antispyware software to remove any possible remnants of this security infection.
Anti-spyware programs known to detect and remove Strathclyde Police ransomware: