Popular Virus Removal Tool

Thursday, March 7, 2013

Help: Police Cybercrime Investigation Department Metropolitan Virus

Multiple version of Cybercrime Investigation Virus



Police cybercrime lock down virus seems to plague many people in the world. There are 3 commonly seen version of the metropolitan virus. They are:




Polizei cybercrime investigation department virus plagues people in Quebec, Canada
infects:


Actually, they are all in one. But why they appear differently?

Cybercrime ukash virus is Trojan supportive which makes it smart and flexible. When detect vulnerability on a machine, the lock down virus will get in after it has collected your IP address and translated the fake content into corresponding language and currency.


What Happen after Contracted with Police Cybercrime Investigation Virus 



Cybercrime investigation metropolitan virus also acts differently. Here are two reports from its victims:

‘- My machine got infected this morning by some virus or trojan that makes my windows locked on a screen called "Police Cybercrime Investigation Department".
I am now using safe mode with networking to be able to run windows. Otherwise, I cant do anything in normal mode.’


‘- Today on my laptop, a screen titled, "polizei cybercrime investigation department" popped up, took my picture and accused me watching child pornography. The site warned if I did not pay the fine of $100.00 within 72 hours I would be facing jail time or $100, 000 of fines. It has effectively locked me out of my computer. I have tried accessing safe mode, as well as safe mode with networking. When I do this it starts up in the selected mode, only to shut down and restart in normal mode, which is a white screen, then turns into the same notice I started above.’

As stated above by Spyhunter, the cybercrime metropolitan virus is supported by Trojan. Commands are sent through a backdoor chiseled by the Trojan. Commands can be different, there’s not a fixed infiltration set from the remote server. That’s why some people are able to use certain form of safe mode, some are totally doomed with none functionality responsive. Herein, Tee Support agents conclude encounters when get infected with investigation police virus:
  1. Restore points are swept clean;
  2. F8 key won’t bring you to ‘Windows Advanced Options’;
  3. Blue/white screen occurs when getting in safe mode with networking/safe mode with command prompt;
  4. Repair refuses to complete.
Though computer disaster caused by cybercrime investigation department virus can be diversified, the ultimate goal comes to one – make excessive profit both by threatening PC users to hand in stipulated money and loading down tracking cookies through the backdoor.


Residual Damages after Unlocking PC from Cybercrime Metropolitan Virus



  1. Lagging PC performance;
  2. Random redirect issue will not disappear;
  3. Endless pop-up commercials;
  4. Some programs will not respond;
  5. Some of the system services are disabled.



How to Remove Police Cybercrime Investigation Department Metropolitan Easily?

Plan A: Remove Police Cybercrime Investigation Department Metropolitan Manually

SITUATION 1: able to enter into safe mode with networking
Step1:Reboot your computer and log into Safe Mode with Networking.

As the computer is booting but before Windows launches, tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to highlight "Safe Mode with Networking" option and press Enter key.

 

Step2: Launch msconfig. and disable startup items rundll32 

 Click "start" —> put msconfig. in "search box" —> press Enter —> disable rundll32

 

   

Step3: Reboot your system one more time and enter into Safe Mode with Networking.




Step4: Run regedit. Search for Winlogon.

Click "start" —> put regedit in "search box" —> press Enter —> press and hold Ctrl+F to search for Winlogon


 
Step5:There will be a key labeled Shell in the right pane. It should reference Explorer.exe or be blank. If not, right click it and replace it with explorer.exe.

Note: if you cannot load explorer.exe, and cannot see Windows Task Manager or desktop, follow the steps below:

1. start explorer.exe

a) Press "Alt+Ctrl+Del".
b) Click "Task manager"
c) Click "New Task".

 

 d) Type "explorer.exe" and press "Ok"




Now explorer.exe will load and you can see your Desktop and all your files .

Step6: Save changes, reboot to safe mode with networking.
Step7: Run msconfig and disable all unnecessary startup entries.

a) Related files and folders

%AppData%\Protector-[rnd].exe
C:\Windows\System32\winlogon.exe
C:\Windows\System32\wininit.exe
C:\Windows\SysWOW64\wininit.exe
C:\Windows\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\System32\svchost.exe
C:\Windows\SysWOW64\svchost.exe
C:\Windows\System32\services.exe
C:\Windows\System32\User32.dll
C:\Windows\SysWOW64\User32.dll

b) Associated registry entries

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ Default Value restored successfully.
HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\35369 Value not found.


Good for you: Wanna make the removal of Police Cybercrime Investigation Department Metropolitan easier? Dare to try something new? Spyhunter can not only remove Police Cybercrime Investigation Department Metropolitan completely for you but also protect your computer from additional malware like trojan, spyware and ransomware. Download and install Spyunter right away!



Plan B: Remove Police Cybercrime Investigation Department Metropolitan automatically (with SpyHunter)


Step A. Download removal tool SpyHunter

1) Click here or the icon below to download Free SpyHunter automatically.


2) Follow the instructions to install SpyHunter
  spyhunter run

spyhunter setup

spyhunter setup

Step B. Run SpyHunter to block Police Cybercrime Investigation Department Metropolitan

Run SpyHunter and click "Malware Scan" button to scan your computer, after detect this unwanted program, clean up relevant files and entries completely.

 spyhunter3 scan

Step C. Restart your computer to take effect.

Note

Are you thinking about making the Police Cybercrime Investigation Department Metropolitan removal 1 stone 2 birds happen? There is actually one antivirus program can help you. Download and install Spyhunter to remove Police Cybercrime Investigation Department Metropolitan and protect your computer in the futher!