> VilmaTech Blog > Remove Jandarma Genel Komutanlığı Virus (Android Malware Removal Tutorial)

Remove Jandarma Genel Komutanlığı Virus (Android Malware Removal Tutorial)

Jandarma Genel Komutanlığı virus Android malware is classified as a quite malicious ransomware coming from the piece of Trojan Urausy, which is engaged in attacking computers and forcing victimized users who those are mainly located in Turkey into paying. Jandarma Genel Komutanlığı virus performs the common nasty trick like other ransomware Dansk Rigspolitiet virus does. Jandarma Genel Komutanlığı virus Android lock disguises its local high authoritative institutions under the name of Directorate General of Turkish National Police to gain victimized users trust and make them believed it to be true. And the ransomware locks target computer and accuses its owner of violating copy-right and illegally using storing pornography or distributing copyrighted content. It then claims that according to the law you have to pay a fine of 100 EURO to avert from criminal case. Numerous computer users are scared about all of these alert messages and they have prepared to pay just taking in consideration of avoiding going to jail after the next 72 hours. In fact, Jandarma Genel Komutanlığı virus is a ramsomware, designed by cybercriminal to blackmail users’ money. And you surely won’t have anything with criminal case. Don’t be trapped into the nasty trick played by such Jandarma Genel Komutanlığı Android malware.

live chat

Abstract Overview Seen on Jandarma Genel Komutanlığı Virus Locked Screen

First emphasized alert part- Headline: Jandarma Genel Komutanlığı virus locks the infected computer when Windows starts and layouts its headline on the full locked screen with Turkish. You can see the case sensitive alert messages “JANDAMA GENEL KOMUTANLIGI,” “Biligism Teknolojilert Inceleme Laboratuvar Amirliğı” and Derictorate General of Turkish National Police” on the top line of the virus screen. It mainly aims to threaten the target computer users at first sight and point out that your computer has been locked due to your unlawful online activities. It let them be aware of the non-existent PC infectious.

Second part- Related law article contents: From this part the Jandarma Genel Komutanlığı virus layouts a series of law articles to threaten its victimized computer users and let them believe that the scam virus is distributed by high-authority department thereby urging into paying quickly. Therefore, aided with those fabricated alerts many computer users have been taken in by the vividly designed deceptive articles. As seen details as below:

live chat

Third party-Guides on payment: The Jandarma Genel Komutanlığı virus clearly demands the payment should be in form of Ukash. To make victimized computer users quickly accomplish the payment the virus screen also shows some details on how to pay the demanding fine by Ukash. And it emphasizes the point again that a criminal case will against you once the fine isn’t received in time. We have to admit that many computer victims have gone mad about this for they are really at nail-biting. Well, now you should have a clear idea that Jandarma Genel Komutanlığı virus is not related to any law institution but a ransomware. The only purpose of it is to steal money from Turkish computer users. Do not trust this warning if you have received it on your computer. What positive thing you have to is to remove the malicious ransomware from the infected computer ASAP.

Jandarma Genel Komutanlığı Ransomware Removal Guides

To enable programs terminated by the Jandarma Genel Komutanlığı virus, you need to reboot the infected computer with safe mode with networking so that you can proceed the virus removal process. Here is how to reboot computers with Windows 7 (Windows XP, Windows Vista) or Windows 8 into safe mode with networking:

First step:

1): For Windows 7, Windows XP, Windows Vista, you can press the single function key F8 on the first line of the keyboard.

Note: You need to hit the power button to start the infected computer but before it launches on, you need to press F8 key constantly after skipping the first interface. Windows Advanced Options menu will show you Safe mode with Networking, highlight it by pressing up-down key and hit enter key. As seen the below picture:

2): For Windows 8, you need start the infected computer until you see the locked screen. Press Ctrl+ Alt+ Del combination key to reveal the Switch User interface. And then hold down the “Shift” key on the keyboard and meanwhile click on “Shut down” button once on the bottom right corner of the page. Later after that, there will be three options there: Sleep, Shut down and Restart. You need lick on Restart option.

3): The next window says ‘Choose an Option’ screen,” then you need select “Troubleshoot”-> click on ‘Advanced Options’ -> choose ‘startup settings.’

4): After clicking on Startup Settings, you need choose ‘Restart’ then Windows will automatically display Safe mode options. By pressing F5/5 key to highlight Safe Mode with networking option, hit enter key as well.

Second step:

End Jandarma Genel Komutanlığı virus malicious process. Press Ctrl+ Shift+ Esc or Ctrl+ Alt+ Del keys, in the Windows Task Manager window select on Process tab. Scroll down and locate to suspicious file (random.exe), then click on End process.

Third step:

Remove Jandarma Genel Komutanlığı virus files and registry entries.

1): Show hidden files to fast locate the scam files:

A: Click on Start button

B: Click on Control Panel

C: In control panel page, click on Appearance and Personalization link.

D: Double click on Files and Folder Option.

E: Select View tab. Check “Show hidden files, folders and drives.”

F: Uncheck “Hide protected operating system files (Recommended).

G: Then click ok to finish the changes.

H: After finishing showing hidden files, open Local system disk, delete Jandarma Genel Komutanlığı virus files.

%UserProfile%\Application Data\msconfig.dat
%UserProfile%\Application Data\msconfig.ini

2): Delete the ransomware registry entries

Press Windows and R key, type regedit in Run window. Click Ok.

Find the below registry entries from Registry Editor page and delete them.


HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell” = “explorer.exe.

Fourth step:

Restart the infected computer with regular mode to effect the removal.

Note: The Jandarma Genel Komutanlığı virus changes every time that you have to detect all virus variant files and delete all of them to make sure the complete removal.


Once your computer is infected with Jandarma Genel Komutanlığı virus Android lock, your computer or Android system can be locked just when system starts. Even more, some blue screen errors show up and state that your computer has corruptive damages. Besides that, apart from program disabled and some essential files have been encrypted, you still be at the high-risk confidential theft like online banking data and information about Credit Card you ever used to make online transactions. Since the Jandarma Genel Komutanlığı virus Android malware makers also called cybercriminals have ability to access in the infected computer and theft confidential information with ease. Thus, don’t belittle the damages made by the scam virus, its dangers are far beyond our imagination. If you have tried all steps above but still failed to remove Jandarma Genel Komutanlığı virus  Android lock completely, you can contact with VilmaTech Online Support fore more suggestions according to your situation.

live chat

Comments are closed.

Latest Posts