Dansk Rigspolitiet Virus
Written by Tomas Meskauskas on (updated)
What is Dansk Rigspolitiet?
The Dansk Rigspolitiet, Koncern IT message, "OBS! Computeren er blevet blokeret af sikkerhedsmæssige årsager anført nedenfor", blocks computer screens and demands payment of a DKK 1000 fine using PaySafeCard or Ukash for alleged law violations, such as watching child pornography, using pirated copies of music and video files, etc.
This is a scam. The message is not sent by Dansk Rigspolitiet, it is a ransomware virus developed by cyber criminals. The screen-blocking message makes fake accusations of law violations in order to trick unsuspecting PC users from Denmark into paying a bogus fine. Note that paying this fine is equivalent to sending your money to cyber criminals.
This message is not related to any legitimate authorities and is a consequence of a computer security infection. PC users from Denmark should be aware that no authorities or organizations, internationally, employ screen-blocking messages to collect fines for any law infringements.
This particular ransomware virus exploits the names of the Danish authorities "Politi" and "Dansk Rigspolitiet", however, other known variants of this scam target PC users from different countries and exploit the names of the Svensk National Bureau of Investigation, Poliisihallituksen, and many others.
Such localization of fake messages is possible since ransomware viruses have IP address detection capabilities. By using the IP address information, cyber criminals present victims from different countries with localized variants of their fake messages.
If your computer screen is blocked with a message supposedly sent by Dansk Rigspolitiet, and requesting payment of 1000 DKK in order to unblock your system, your computer is infected with a ransomware virus. Do not trust this message or pay the fine - it is a scam.
A variant of this ransomware virus, Dansk Politi "Computeren er låst af Politiet", originates from a family called Revoyem (DirtyDecrypt). Note that at time of writing, no known tools are available to decrypt files encrypted by this ransomware virus.
Update 2015/02/05 - Cyber criminals have updated the design of Dansk Rigspolitiet ransomware virus:
The Dansk Rigspolitiet ransomware virus originates from a family called Urausy. Cyber criminals responsible for creating this scam use Ukash or paysafecard pre-paid card services to collect the bogus fines. Furthermore, they implement a fake 48-hour countdown timer in order to create a sense or urgency.
The fake message states that unless the fine is paid within 48 hours, a criminal case will be opened. Common sources of ransomware viruses are infected email messages, malicious websites, and drive-by downloads.
To protect your computer from ransomware viruses, users should keep their operating system and installed programs (Flash, Java, etc.) up-to-date, since ransomware viruses are proliferated using 'exploit kits', which infiltrate users' computers via any security vulnerabilities detected within out-dated software.
To remain safe online, PC users should also use legitimate antivirus and anti-spyware programs. If your PC is already infected with Dansk Rigspolitiet ransomware, do not pay the fine - use this removal guide to eliminate the scam from your computer.
A fake message presented by the Dansk Rigspolitiet ransomware virus:
DANSK RIGSPOLITIET Koncern IT.
OBS! Computeren er blevet blokeret af sikkerhedsmæssige årsager anført nedenfor.
Du er anklaget for visning/lagring og/eller spredning af forbudte pornografi (børnepornografi/ dyresex/voldtægt osv). Du har overtrådt World Declaration om ikke-spredning af børnepornografi. Du er anklaget for at begå forbrydelsen omhandlet i artikelt61 i strafferet af Kongeriget Danmark.
Artikel 161 i strafferet af Kongeriget Danmark indeholder bestemmelser om straf for frihedsstraf fra 5 til 11 år.
Også, er du mistænkt for overtrædelse af "ophavsret og beslægtede rettigheder Lou" (downloading af piratkopieret musik, video) og anvendelse og/eller udbredelse af ophavsretligt beskyttet indhold. Således er du mistænkt for overtrædelse af artikel 148 i strafferet af Kongeriget Danmark.
Artikel 148 i strafferet af Kongeriget Danmark indeholder bestemmelser om straf for frihedsstraf fra 3 til 7 år eller 150-550 grundbeløb bøder. Det var fra din computer, at uautoriseret adgang til information om statens betydning og data lukket for offentlig adgang var blevet stjålet fra.
Uautoriseret adgang kunne have været arrangeret af dig selv om lejesoldat motiver. Eller uden din viden og samtykke, kunne din computer have været påvirket af malware. Derfor er du mistanket af uskyldigt overtrædelse af artikel 215 i strafferet af Kongeriget Danmark Flov om uagtsom og hensynsløs tilsidesættelse af computere og hjælpemidler") indtil undersøgelsen er holdt.
Artikel 215 i strafferet af Kongeriget Danmark indeholder bestemmelser om straf for frihedsstraf fra 5 til 8 år, og/eller op til DKK 1.500.000 danske kroner bøde.
Endvidere efter blev oplysninger om din personlige computer undersøgt. blev det konstateret, at din personlige computer havde været benyttet for bulk-spamming, enten arrangeret af dig selv om lejesoldat motiver, eller uden din viden og samtykke. hvis din computer kunne have været ramt af malware. Bulk-spamming er en måde at sprede malware over forbudte pornografi. Derfor er du mistanken af uskyldigt overtrædelse af artikel 301 i strafferet af Kongeriget Danmark ("Om bulk-spamming og malware (virus) spredning") indtil undersøgelsen er holdt.
Artikel 301 i strafferet af Kongeriget Danmark indeholder bestemmelser om straf for frihedsstraf op til 5 år og op til DKK 3.000.000 danske kroner bøde. Vær venligst opmærksom at både dine personlige identiteter og placering er godt identificeret, og straffesag kan åbnes i løbet af 96 timer som provision forbrydelser for ovenstående artikler. Straffesag kan sendes til retten.
I henhold til Ændringer til strafferet af Kongeriget Danmark dateret Juli 10, 2013, og i henhold til erklæringen om menneskerettigheder, kan din foragt for loven fortolkes som utilsigtede (hvis du begik ingen overtrædelse af loven før) og ingen arraignment vil følge. Men det er et spørgsmål om, hvorvidt du har betalt bøden til statskassen (til effekten af initiativer til beskyttelse af cyberspace).
Straffen sæt skal betales på 48 timer. På udløbet af 48 timer, vil der følge automatisk indsamling af data om dig og din forseelse, og straffesag vil blive åbnet imod dig. Mængden af bøden er DKK 1000 danske kroner. Du kan betale bøden med værdikuponer PaySafeCard eller Ukash. Så snart pengene ankommer til statskassen konto, vil din computer blive frigivet i løbet af 24 timer.
Derefter i 7 dage sigt, bør du afhjælpe overtrædelserne som er forbundet med computeren. Ellers vil din computer blive blokeret igen og straffesag mod dig vil blive indledt (med ingen mulighed for at betale bøden).
Vær venligst opmærksom, at du skal kun indtaste verificerede koder af værdikuponer og afstå fra caching af værdikuponer allerede brugt til bøde betaling. Hvis forkerete koder blev indtastet, eller hvis forsøg blev gjort for at annullere værdikuponer efter transaktionen, vil du blive sigtet for bedrageri (artikel 377 i strafferet af Kongeriget Danmark; 1 til 3 års fængsel), og straffesag vil blive åbnet.
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.
Quick menu:
- What is Dansk Rigspolitiet?
- STEP 1. "Dansk Rigspolitiet" virus removal using safe mode with networking.
- STEP 2. "Dansk Rigspolitiet" ransomware removal using System Restore.
Dansk Rigspolitiet ransomware virus removal:
Step 1
Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.
Video showing how to start Windows 7 in "Safe Mode with Networking":
Windows 8 users: Go to the Windows 8 Start Screen, type Advanced, in the search results select Settings. Click on Advanced Startup options, in the opened "General PC Settings" window select Advanced Startup. Click on the "Restart now" button. Your computer will now restart into "Advanced Startup options menu".
Click on the "Troubleshoot" button, then click on "Advanced options" button. In the advanced option screen click on "Startup settings". Click on the "Restart" button. Your PC will restart into the Startup Settings screen. Press "5" to boot in Safe Mode with Networking.
Video showing how to start Windows 8 in "Safe Mode with Networking":
Step 2
Log in to the account infected with the Dansk Rigspolitiet ransomware virus. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all entries detected.
If you cannot start your computer in Safe Mode with Networking, try performing a System Restore.
Video showing how to remove ransomware virus using "Safe Mode with Command Prompt" and "System Restore":
1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.
2. When Command Prompt Mode loads, enter the following line: cd restore and press ENTER.
3. Next, type this line: rstrui.exe and press ENTER.
4. In the opened window click "Next".
5. Select one of the available Restore Points and click "Next" (this will restore your computer system to an earlier time and date, prior to the ransomware virus infiltrating your PC).
6. In the opened window click "Yes".
7. After restoring your computer to a previous date, download and scan your PC with recommended malware removal software to eliminate any remnants of the Dansk Rigspolitiet ransomware virus.
If you cannot start your computer in Safe Mode with Networking (or with Command Prompt), boot your computer using a rescue disk. Some variants of ransomware disable Safe Mode making its removal complicated. For this step, you require access to another computer.
After removing the Dansk Rigspolitiet ransomware virus from your PC, restart your computer and scan it with legitimate antispyware software to remove any possible remnants of this security infection.
Other tools known to remove the Dansk Rigspolitiet ransomware virus:
▼ Show Discussion