Remove FormalPolice.org virus (Removal Guide)

Photo of author

Written by: Stelian Pilici

Published on:

FormalPolice.org is a malicious domain which locks Internet Explorer, Firefox and Google Chrome, then asks their owners to pay fines for allegedly violating several laws through their online activity. FormalPolice.org is basically just  a web page containing a malicious javascript that does not allow you to close the browser window or switch to a different web page.
[Image: FormalPolice.org virus]
The FormalPolice.org virus will display a bogus notification that pretends to be from your local law enforcement agency (Examples: FBI, Department of Justice, Royal Canadian Mounted Police, Australian Federal Police, Police Central e-crime Unit) and states that your computer has been blocked due to it being involved with the distribution of pornographic material, spam and copyrighted content.
It goes on to say that you need to pay a ransom of 300$ in order to get access to your files and computer again. In order to pay this ransom you need purchase a MoneyPak voucher and submit it in the web browser. The malware’s authors prefer these payment services because transactions made through them cannot be reversed and are hard to trace.
Furthermore, to make this alert seem more authentic, FormalPolice.org also has the ability to access your installed webcam, so that the bogus alert shows what is happening in the room.

If your computer is infected with the FormalPolice.org browser hijacker, this infection will display a localized webpage that covers the entire web browser of the infected computer and demands payment for the supposed possession of illicit material. The message displayed by this ransomware infection can be localized depending on the user’s location, with text written in the appropriate language.
[Image: FormalPolice.org browser virus]
The text of the popup that is displayed when you try to close the browser window is:
[Image: FormalPolice.org browser blocked virus]

Are you sure you want to leave this page?
Message from webpage:
YOUR BROWSER HAS BEEN BLOCKED UP FOR SAFETY REASONS.
ALL PC DATA WILL BE DETAINED.
ALL YOUR FILES ARE ENCRYPTED.

YOUR BROWSER HAS BEEN BLOCKED UP. Leave this page or Stay on this page.

Cyber criminals often updated the design of this lock screen, however you should always keep in mind that no law enforcement agency (eg: FBI, Department of Justice, Royal Canadian Mounted Police or Police Central e-crime Unit) will never lock down your computer or monitor your online activities.

The FormalPolice.org lock screen is a scam, and you should ignore any alerts that this malicious software might generate. Under no circumstance should you send a MoneyPak, Ukash or Paysafecard voucher to these cyber criminals, and if you have, you can  should request a refund, stating that you are the victim of a computer virus and scam.

How to remove the FormalPolice.org virus (Removal Guide)

This page is a comprehensive guide, which will remove the FormalPolice.org infection from a Windows computer and an Apple Mac OS X machine. Please perform all the steps in the correct order. If you have any questions or doubt at any point, STOP and ask for our assistance.

How to Remove FormalPolice.org virus from a Windows PC

STEP 1: Remove FormalPolice.org browser hijacker from Internet Explorer, Firefox and Chrome
STEP 2: Remove FormalPolice.org virus with Malwarebytes Anti-Malware Free
STEP 3: Double-check for the FormalPolice.org infection with HitmanPro

STEP 1: Remove FormalPolice.org browser hijacker from Internet Explorer, Firefox and Chrome

  1. Open Task Manager by right-clicking the taskbar, and then clicking Start Task Manager. Alternatively to start the Windows Task Mager, you can press Ctrl+Alt+Del and click on Task Manager or simply press on Ctrl+Shift+Esc.
    [Image: Start Windows Task Manager]
  2. Click the Processes tab to see a list of all the processes that are currently running under your user account and a description of each process.
    [Image: Select the Process tab]
    To view all of the processes currently running on the computer, click Show processes from all users.
  3. Scroll through the list till you see your web browser’s process and left-click on it once so it becomes highlighted. Once you have selected the browser’s process, click on the End Process button as show in the picture below.
    If you are using this browser: End this process:
    Internet Explorer iexplore.exe
    Chrome chrome.exe
    Safari Safari.exe
    SeaMonkey seamonkey.exe
    Opera opera.exe
    Firefox firefox.exe

    [Image: Search for iexplorer.exe, firefox.exe or chrome.exe]

  4. When you click on the End Process button, Task Manager will ask you to confirm if you are sure you want to terminate it as shown in the image below.
    [Image: Kill the malicious process in Windows PC]
    At this point you should press the Yes button in order to kill the process.
  5. Your browser window should now be closed. The next time you open your browser, do not allow the browser to open the last opened page.

STEP 2: Remove FormalPolice.org virus with Malwarebytes Anti-Malware Free

Malwarebytes Anti-Malware Free utilizes Malwarebytes powerful technology to detect and remove all traces of malware including worms, trojans, rootkits, rogues, dialers, spyware and more.

  1. You can download Malwarebytes Anti-Malware Free from the below link, then double-click on the icon named mbam-setup.exe to install this program.
    MALWAREBYTES ANTI-MALWARE DOWNLOAD LINK(This link will open a download page in a new window from where you can download Malwarebytes Anti-Malware Free)
  2. When the installation begins, keep following the prompts in order to continue with the setup process, then at the last screen click on the Finish button.
    [Image: Malwarebytes Anti-Malware final installation screen]
  3. On the Scanner tab, select Perform quick scan, and then click on the Scan button to start searching for FormalPolice.org malicious files.
    [Image: Malwarebytes Anti-Malware Quick Scan]
  4. Malwarebytes’ Anti-Malware will now start scanning your computer for FormalPolice.org virus as shown below.
    [Image: Malwarebytes Anti-Malware scanning for FormalPolice.org ransomware
  5. When the Malwarebytes Anti-Malware scan has finished, click on the Show Results button.
    [Image: Malwarebytes Anti-Malware scan results]
  6. You will now be presented with a screen showing you the computer infections that Malwarebytes Anti-Malware has detected. Make sure that everything is Checked (ticked), then click on the Remove Selected button.
    [Image: Malwarebytes Anti-Malwar removing FormalPolice.org virus]

STEP 3: Double-check for the FormalPolice.org infection with HitmanPro

HitmanPro is a second opinion scanner, designed to rescue your computer from malware (viruses, trojans, rootkits, etc.) that have infected your computer despite all the security measures you have taken (such as anti virus software, firewalls, etc.).

  1. You can download HitmanPro from the below link:
    HITMANPRO DOWNLOAD LINK (This link will open a web page from where you can download HitmanPro)
  2. Double-click on the file named HitmanPro.exe (for 32-bit versions of Windows) or HitmanPro_x64.exe (for 64-bit versions of Windows). When the program starts you will be presented with the start screen as shown below.
    HitmanPro scanner Click on the Next button, to install HitmanPro on your computer.
    HitmanPro installation
  3. HitmanPro will now begin to scan your computer for FormalPolice.org malicious files.
    HitmanPro detecting for FormalPolice.org virus
  4. When it has finished it will display a list of all the malware that the program found as shown in the image below. Click on the Next button, to remove the FormalPolice.org virus.
    HitmanPro scan results
  5. Click on the Activate free license button to begin the free 30 days trial, and remove all the malicious files from your computer.
    [Image: HitmanPro 30 days activation button]

Your computer should now be free of FormalPolice.org infection. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes Anti-Malware to protect against these types of threats in the future, and perform regular computer scans with HitmanPro.

How to Remove FormalPolice.org virus from an Apple Mac OS X

For years, Windows users have been plagued by ransomware demanding several hundred dollars to unlock their computers.
The bad guys know there is a growing market of Apple consumers who, for the most part, feel pretty safe about browsing the Internet on a Mac without the need for any security product.
Cyber-criminals, well known for not re-inventing the wheel, have ‘ported’ the latest ransomware to OS X, not by using some complicated exploit but rather leveraging the browser and its ‘restore from crash’ feature. The FormalPolice.org ransomware page is being pushed onto unsuspecting users browsing regular sites but in particular when searching for popular keywords.
To remove FormalPolice.org from your Apple MAC OS X browser you can follow any of below options.

OPTION 1: Remove FormalPolice.org malicious web page from Apple Mac OS X by resetting Safari to its default settings
OPTION 2: Remove FormalPolice.org browser hijacker Apple Mac OS X virus using Force Quit for your browser

OPTION 1: Remove FormalPolice.org malicious web page from Apple Mac OS X by resetting Safari to its default settings

To remove the FormalPolice.org browser hijacker from Safari, we will need to reset your browser to its default settings.

  1. Click on the Safari menu and then choose Reset Safari
    [Image: Select Reset Safari from the menu]
  2. In the new windows, make sure all items are marked and click on the Reset button.
    [Image: Reset Safari to default settings]

You can also watch this video on how to reset Safari to its default settings:

OPTION 2: Remove FormalPolice.org browser hijacker Apple Mac OS X virus using Force Quit for your browser

  1. Press Command + Option + Escape simultaneously. This will open the open the Force Quit Applications window.
    [Image: Press Command + Option + Escape to start Force Quit menu]
  2. Select Safari, Chrome, Firefox or any other browser in which your are seeing the FormalPolice.org ransomware notification.
    [Image: Select Firefox, Chrome or Safari from Force Quit menu]
  3. Click the button that says “Force Quit“. This will forcefully end your browser program, thus removing the FormalPolice.org browser hijacker.
    [Image: Click on the Force Quit button to remove FormalPolice.org virus]
    If you cannot switch from the unresponsive app, press Command + Option + Shift + Esc for three seconds to force it to quit. This key combination tells OS X to force quit the frontmost app.

You can also watch this video on how to Force Quit a program on an Apple Mac OS X:

If you are still experiencing problems while trying to remove FormalPolice.org virus from your Windows or Apple MAC OS X machine, please start a new thread in our Malware Removal Assistance forum.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Previous

Remove Nominalpolice.com virus (Removal Guide)

Next

Remove “Warnung! Zugang von Ihrem Browser wurde vorlaufig” virus