The metropolitan police virus has infected my computer, I ran virusscan on safe mode and it detected "Generic Exploit!prt" and "Exploit Blacole", but these are still preventing me from starting the computer normally. I cannot disable system restore on safe mode and that´s probably why the problems persist at startup. Will I get rid of them if I restore the system to the day before the infection, and won't I lose data? Is there any other solution? My system is windows 7.
Thanks in advance!
There is a Utube video HERE
Try malwarebytes as well after trying stinger
WWW.malwarebytes.org the free version not the registered 1.
and try stinger it is updated regularly
What i found worked for me ,
Tried malaware bytes didnt find anything,ive 2 accounts admin and a normal user account.
Better this way to use normal account stops hackers from fully accessing pc as it needs a password to get into any system files
So when i got this virus i knew it was'nt an embedded one.
Heres how i got rid of mine
Followed this guide first http://deletemalware.blogspot.co.uk/2011/06/remove-metropolitan-police-ransomware.html
Came up with explorer.exe no strange registry entry
I rebooted into safe mode with networking
windows,control panel,appearance and personalization,folder options,view
Scrolled down to the folder show hidden files and folders changed to show instead of hidden
Went back into my c drive users "account name" look for a now shown folder called app data
Double click on this then double click on roaming folder inside this folder will be lots of folders but at the bottom ( on mine) was an app called hj8 o10 (thought this was a bit strange deleted it but kept in recycle bin just incase)
Rebooted pc and I could access my Pc again seems the app was running before my desktop stopping my desktop from loading
Ive enclosed pic of my recycle bin to show you what to look for
Hope this helped sorry for long winded solution but wanted to break it down to make it easier to understand
This discussion has (belatedly) been moved into Top Threats. All useful solutions to removing this malware should be kept in the same discussion area for reference.