Hey all.

Unfortunately I have managed to pick up a virus on my computer. It is the Metropolitan police e-crime unit virus, a ransomware which has locked my computer unless I run it in safe mode which I am currently doing.

In order to try to rid my self of this demon I have followed insstructions from the internet however I can only go so far. The infected item, frustratingly, is windows explorer. The instructions I have followed is to start with safe and command prompt, force rename explorer so that I can use it, then download and replace explorer with a new non-infected version. However when I come to replace it I am told I cannot. I give the neccessary permissions as the computer administrator but then it blocks me from doing so anyway.

My question therefore is whether it is safe or even possible for me to use command prompt to force delete explorer and then re-install it from a USB drive onto which I can download a clean version.

Thankyou for any help with this matter, I am becoming a big red frustrated angry ball of rage! 

Mass

Yes the pop-up takes over the screen and locks the computer. In the pop-up which claims to the the police they ask for a £100 fine to be paid to unlock it. I have seen online that it is not true and do not intend to pay a penny.

I have AVG free which cannot seem to find a virus, even when scanning the item I am told to be infected. I also have malwarebytes, however it is out of date now, not updated in over a year as I have not used it over AVG and other AVs since then. However upon trying to download mcafee it tell me that there is a conflict with MWB, but when trying to uninstall MWB im told that the unistall information is missing so I cant delete it.

I downloaded trojan killer which seemed to find it, however only the free trial but to kill it I have to buy the product. Therefore I wonder if it actually has found the files where AVG couldnt or if this is an advertising technique and will therefore fail when I buy it.

Not hugely but I've done a few bits and bobs so I should be able to pick it up.

I was following the instructions from here
http://www.deletevirus.net/police-central-e-crime-unit-virus/
which instructed me to a similar area of the registry to what you suggested.

I am struggling to find another item which I could delete which would be easier as they tell me to replace explorer with a clean version that I am unable to do.

Im unable to disable it at the moment though. This is where i get stuck.

Do you have a clean backup of your operating system?  If not, I HIGHLY recommend you create one.  I have not one, but three backups of my operating system.  This was expensive in the hardware department, but well worth it.

Three  1TB MyBook drives from Western Digital make up my backup protocol.

Alpha:  Backup of OS just after full install and update of Windows.  AV and maintenance programs installed.  That's it.  This drive is only pulled out if I want a "clean" install of Windows 7 Ultimate.

Beta:  Backup of OS, OS updated, all programs installed and OS tweaks performed.  Music, movies, game stuff included on this drive.

Charlie:  Same as Beta.

Beta and Charlie get swapped out monthly.  If something goes wrong I only lose that month's progress.

These backups are in addition to my an on-board 1TB drive used as a running drive for music, movies and such.  My OS runs on a 120GB Sata SSD drive with FSX on another.

I know this is a bunch of different drives and cost a lot, but it works for me.  Saved me a time or two over the last couple of years.

Short of my insanity, two WD MyBooks should do.  You need at LEAST two backups and rotate them so as to not lose both at the same time.  Store backup drives in a firebox along with important papers.

Hope this helps.

The Bad Unkie Has Contributed.  Some.

I would recommend it.  Then put it away for future need.  Go back over my post and see how I've taken into account most contingencies.  My protocol works for me, your mileage may vary.

Remember.  BackUp Or Die!

The Bad Unkie Strikes Back!