Metropolitan Police virus (also called as Strathclyde Police Virus) is a ransomware infection from Ukash group of viruses. This group is famous (in the negative way, of course) for its technique used for trying to steal the money from PC users. Basically, it needs only to infect computer with a Trojan horse, which additionally blocks the system and replaces victim's desktop with a misleading notification. In every case, Ukash threats present themselves as governmental institutions and report that victim is noticed violating various laws, like watching copyrighted content or distributing pornography. Finally, in order to remove the lock, user is asked to pay a ransom using one of legitimate prepayment systems. Please, never do that!
Similarly to PCeU virus or PRS for Music Metropolitan Police virus, Metropolitan Police virus attacks people who live in UK. It also locks computer’s system and then asks to pay the fine of 100£ using Ukash or PaySafeCard prepayment system. While it claims that this will unblock it, in reality this doesn’t help to recover Internet connection and get ability to use your files again. You must remove Strathclyde Police Virus or Metropolitan Police virus from the system to start using your PC again.
HOW CAN I GET INFECTED WITH Metropolitan Police virus/Strathclyde Police Virus?
Strathclyde Police Virus/Metropolitan Police virus is distributed via spam emails, fake video/audio codecs, freeware, shareware and similar downloads. As we have already mentioned, it is distributed by Trojans that additionally block the system and disconnect user from the Internet connection. Basically, you can do only one thing when Metropolitan Police virus is on your computer – you can look at its misleading notification, which reports about those law violations. Here’s what it claims:
Under the laws of the United Kingdom and investigation of Metropolitan Police Service and Strathclyde Police Your computer is locked to prevent illegal activity in the network.
From this IP-address it was visited sites containing banned scenes of violence against people, as well as viewing banned in United Kingdom child pornography materials. We discouverd video files that contain elements of violence were found on your computer.
Unsolicited Bulk Messages was send from your computer’s IP address and it was recorded by SpamHaus this month.
The computer has been locked to prevent your illegal activities on the Internet.
Keep in mind that Metropolitan Police virus is a huge scam, which has nothing in common with the British Metropolitan Police or Strathclyde Police. Additionally, this notification is bogus and you should never believe that paying 100 pounds will remove the lock from your computer’s system. You need to remove Metropolitan Police virus as soon as possible.
HOW CAN I REMOVE Metropolitan Police virus/Strathclyde Police virus?
If you are one of those unlucky people who got infected with this threat, you should firstly unlock the system and then use Reimage, Malwarebytes or other reputable anti-malware to remove Metropolitan Police virus for good. In order to unlock your PC follow one of these options:
* Try to use the system restore to restore to an earlier date and launch anti-malware program to remove infected files from the system.
Flash drive method:
1. Take another machine and use it to download Reimage or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Metropolitan Police virus once more and run a full system scan.
* Users infected with these ransomware threats are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Metropolitan Police virus removal (special skills needed!):
- Reboot you infected PC to 'Safe mode with command prompt' to disable Metropolitan Police virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Reimage to remove remaining files.