Infected with POLICJA!!! ransomware? Need to decrypt your files?
What is POLICJA!!! ransomware
POLICJA!!! Ransomware is a cryptovirus, in other words, an extortioner encrypting user files using AES algorithms. It attacks many user files (PDF files, office documents, archives, multimedia files and so on) and makes them unusable for further use, changing its extensions to .##___POLICJA!!!___TEN_PLIK_ZOSTA. First and foremost, it aims to Polish-speaking users, however, according to recent data, it infects computers around the world. After encryption, this creates a special note that pops up when you try to open encrypted files:
Here is the translated text of this note:
WARNING WARNING!!! Here is the provincial police headquarters, the cybersecurity department,
ALL PERSONAL FILES FROM THIS COMPUTER WERE BLOCKED AND PROTECTED,
TO VERIFY LEGALITY OF YOUR FILES !!!
Our system monitoring network security has once again detected the massive proliferation of malicious software or pornographic content involving minors !!!
In Polish law, these are severe crimes for which you are in danger of imprisonment up to 12 years !!! We are aware of the fact that personal files may be necessary for you at any time, which is why we give you a 100% guarantee of unlocking them, but only after paying a fine in BTC (BITCOIN) for the Foundation ** Polsat **!!!
If you do not make the payment within 3 days, all blocked files will be permanently deleted from the disk, Do not turn off the computer before making the payment, because then automatically 1000 files are permanently deleted !!!
It's time to decide... Please send at least $997 to the BTC wallet below:
[random characters]'
Extortionists try to intimidate the user and present what happened as a special operation of information security forces. Attackers have thought of everything, including the timer countdown. They demand payment of 997 dollars in the equivalent of a cryptocurrency, which is approximately 0.16 BTC. In case of non-payment, attackers threaten to destroy all user files. All this is a lie because scammers will send you nothing. We strongly recommend that you use our recommendations to decrypt your files and remove POLICJA!!! Ransomware.
Update: Use following service to identify the version and type of ransomware you were attacked by: ID Ransomware. Also check following website for possible decryptor: Emsisoft Decryptors.
How POLICJA!!! ransomware infected your PC
POLICJA!!! ransomware has many ways of penetrating computers, the main ones of which are unprotected user network settings. Also, most often, it takes the form of attachments and spreads through spam mailing. Many users open an infected email and it starts its malicious activity right away. Do not try to restore your files yourself, so you can make it worse. You need to use paid versions of antivirus and other programs and utilities that can really prevent the penetration of such viruses. If your PC has already been attacked, then use our guide to remove POLICJA!!!.
HitmanPro.Alert with CryptoGuard.
First of all, don’t panic. Follow these easy steps below.
1. Start your computer in Safe Mode with networking. To do that, restart your computer before your system starts hit F8 several times. This will stop system from loading and will show Advanced boot options screen. Choose Safe mode with networking option from the options list using up and down arrows on your keyboard and hit Enter.
2. Log in to the system infected with the POLICJA!!! ransomware virus. Launch your Internet browser and download a reliable anti-malware program and start a full system scan. Once the scan is complete, review scan results and remove all entries detected.
Recommended Solution:
Norton is a powerful removal tool. It can remove all instances of newest viruses, similar to POLICJA!!! ransomware – files, folders, registry keys.
*Trial version of Norton provides detection of computer viruses for FREE. To remove malware, you have to purchase the full version of Norton.
You may find more detailed information about antivirus products in our article – Top 5 Antivirus Software for Windows
Restore your files using shadow copies
- Download and run Stellar Data Recovery.
- Select type of files you want to restore and click Next.
- Select the drive and folder where your files are located and date that you want to restore them from and press Scan.
- Once the scanning process is done, click Recover to restore your files.
Step 2: Remove following files and folders of POLICJA!!! ransomware:
Related connections or other entries:
00:A0:C9:14:C8:29_pwned@gmail.com
1aa5cmqmvQq8YQTEqcTmW7dfBNuFwgdCD
Related files:
POLICJA!!!.exe
How to decrypt files infected by POLICJA!!! ransomware?
You can try to use manual methods to restore and decrypt your files.
Decrypt files manually
Restore the system using System Restore
Although latest versions of POLICJA!!! ransomware remove system restore files, this method may help you partially restore your files. Give it a try and use standard System Restore to revive your data.
- Initiate the search for ‘system restore‘
- Click on the result
- Choose the date before the infection appearance
- Follow the on-screen instructions
Roll the files back to the previous version
Previous versions can be copies of files and folders created by Windows Backup (if it is active) or copies of files and folders created by System Restore. You can use this feature to restore files and folders that you accidentally modified or deleted, or that were damaged. This feature is available in Windows 7 and later versions.
- Right-click the file and choose Properties
- Open the Previous Version tab
- Select the latest version and click Copy
- Click Restore
Protect your computer from ransomware
Most modern antiviruses can protect your PC from ransomware and crypto-trojans, but thousands of people still get infected. There are several programs that use different approach t protect from ransomware and lockers. One of the best is HitmanPro.Alert with CryptoGuard. You may already know HitmanPro as famous cloud-based anti-malware scanner. Check out ultimate active protection software from SurfRight.
Written by Rami Douafi