Video Screencast Help

My computer got hacked by police virus fine. Metropolitan police virus (how did I get rid of it)?

Created: 07 Jul 2012 | 14 comments

This virus creates a file called 0_0u_l.exe

simple delete this file from your local roaming profile (Win 7)

delete all registry entries associated with this file name.

Reboot

 

 

Comments 14 CommentsJump to latest comment

Thomas K's picture

If possible, I recommend submitting this file to Symantec Security Response so that signatures can be created to protect others from this threat.

http://www.symantec.com/security_response/submitsa...

Thanks,

Thomas

SteveM65's picture

Hi, 

Not sure if I should post a new thread here because I have the same problem as NTLKev. Ransomware, not a virus actually. We are completely locked out of one of our computers. It wouldn't be a huge problem if we could just reformat it but we can't lose files stored on the infected machine. I've followed like 4 or 5 different removal guides to no avail. The fake warning message looks rather professional, scroll down to the second image here. That's exactly what we see right now. 

Now, I don't want to use NPE. The last time I used this tool, I had to reformat my PC. It really messed up my computer I don't what that happening again. Any suggestions?

Steve

kuta hotels's picture

i have same problem, are already use the SERT tool, is the data are lose or not, any advise please

With thanks and best regards,

made Jaya - www.kutahotelsbali.com

 

Mick2009's picture

I believe your data should be fine after this threat is removed by SERT or the NBRT.

With thanks and best regards,

Mick

Mick2009's picture

Excellent- many thanks for taking the time to update this thread. 

Prevention is much easir than a cure for many threats.  Now that this one is cleaned, you may wish to review the following recommendations from Symantec Security Response to ensure your defenses are suited to protect against future attacks.

http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

With thanks and best regards,

Mick

Mick2009's picture

This new Security Response whitepaper about Ransomware will be of interest to followers of this thread:

Ransomware: A Growing Menace
https://www-secure.symantec.com/connect/blogs/ransomware-growing-menace

With thanks and best regards,

Mick

Mick2009's picture

This new Security Response blog post also adds some extra developments/details- be informed!

Ransomware: Extorting Money by Panic and Pressure
https://www-secure.symantec.com/connect/blogs/ransomware-extorting-money-panic-and-pressure

With thanks and best regards,

Mick

may55's picture

a) if ur able to enter into safe mode with networking then you may just follow up some oline threads

b) if ur not able to enter into safe mode with networking, then get into safe mode with command prompt, type 'explore', hit Enter key, you'll see desktop, but deosn't mean the virus is gone

c) not able to use any safe mode, tap F8(other systems may use F12,F9 or ESC) constantly to get 'repair your PC' option. after you finish the repair, select command prompt, then type 'explore'

d) if you get BSOD, get help from 24/7 online computer help center

 

Want more detailed steps, you may look up some blog articles from PC problem fix, removecomputermalware.blogspot, PC savior and others alike

Ambesh_444's picture

Hello,

Agreed with mick, Please check with Mick thread.

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."