FacebookTwitterLinkedIn

Metropolitan Police ransomware

Also Known As: Metropolitan Police virus
Type: Ransomware
Damage level: Severe

Tomas Meskauskas Written by on (updated)

Metropolitan Police Virus "Your Personal Computer has been blocked" removal guide

This message, purportedly sent by the Metropolitan Police, demands payment of a 100 Pound fine for allegedly watching pornography involving minors. This is a scam, a ransomware virus created by cyber criminals whose intention is to scare unsuspecting PC users from the UK into paying a bogus fine.

In fact, paying this fine is equivalent to sending your money to cyber criminals. Neither the Metropolitan Police nor any other international authority or organization use screen blocking messages to collect fines for any law violations.

Metropolitan Police Virus

This particular ransomware virus infection originates from a family called Revoyem and currently targets PC users from the UK and Germany. These deceptive messages are localised so that computer users from Germany observe them as if sent by Bundeskriminalamt.

The Metropolitan Police ransomware virus displays a number of photos of supposedly-recorded instances of users' watching pornography involving minors. This is merely a scam and PC users should not fall for the trickery displayed by this ransomware.

If you see a message such as this on your computer desktop, your PC is infected with a ransomware virus and you should ignore it. The correct way to deal with this infection is to eliminate it from your operating system.

The Metropolitan Police name is exploited by cyber criminals in order to make their deceptive message appear authentic. The most common source of ransomware viruses of this type are 'exploit kits', which are able to infect the operating system by exploiting detected security vulnerabilities.

Exploit kits are often proliferated using email messages, malicious websites, and drive-by downloads. When infected with the Metropolitan Police ransomware virus, PC users should not pay any fines using the Ukash or PaySafeCard pre-paid card services.

If you do, you will send your money to cyber criminals responsible for creating this scam, and there is no guarantee that your computer will be unlocked.

Note that the statement, "Attempt to unblock computer by any other means will lead to formatting of the hard drive except for the evidence of criminal activity", is false. If you see this message on your computer screen, use the removal guide provided to eliminate this scam.

A fake message displayed by the Metropolitan Police virus:

Metropolitan Police.
Your Personal Computer has been blocked.
The work of your computer has been suspended on the grounds of unauthorized cyberactivity
All the illegal actions that you performed on this computer were recorded and classified in the Police Database. This also includes photos and videos that were taken by your camera for further identification. You've been charged with viewing pornography that involves minors.

Carefully review the following violations please:
Article - 174. Copyright
Imprisonment for the term of up to 2-5 years (Using or sharing copyrighted materials).
Fine amount varies from 14,000 Pounds to 23,000 Pounds.
Article - 183. Pornography
Imprisonment for the term of up to 2-3 years (Usage or distribution of pornographic materials).
Fine amount varies from 18,000 Pounds to 25,000 Pounds.
Article - 184. Pornography involving children (under 18 years)
Imprisonment for the term of up to 10-15 years (Usage or distribution of pornographic materials).
Fine amount varies from 24,000 Pounds up to 40,000 Pounds.

According to the Government decision as of December 04, 2012, all of the violations described above can be considered of criminal character.
The amount of the fine constitutes 100 Pounds. The payment should be made within the next 48 hours after your computer has been blocked. In case the fine is not paid, you will became the subject of a criminal prosecution with no right to pay the fine. The personal Computer you are using will be confiscated by the Cyber Crime Agency. The criminal case you fall under will be considered for the items stated above. You will have to pay the fine in the amount of 16,000 Pounds with further imprisonment.
In case the fine is paid within the period of time indicated, your computer will be unlocked.

Attempt to unblock computer by any other means will lead to formatting of the hard drive except for the evidence of criminal activity. A fists-time violation might not lead to imprisonment, in case of a first-time violation you have to pay the fine in accordance with the Law of Loyalty of the People as of December 04, 2012.
You are obliged to pay the fee of 100 Pounds to unblock your computer and avoid all the other legal procedures (Ukash or PaySafeCard).

Metropolitan Police virus removal:

Step 1

Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Step 2

Log in to the account infected with Metropolitan Police virus. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all entries detected.


If you cannot start your computer in Safe Mode with Networking, try performing a System Restore.

Video showing how to remove ransomware virus using "Safe Mode with Command Prompt" and "System Restore":

1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.

Boot your computer in Safe Mode with Command Prompt

2. When Command Prompt Mode loads, enter the following line: cd restore and press ENTER.

system restore using command prompt type cd restore

3. Next, type this line: rstrui.exe and press ENTER.

system restore using command prompt rstrui.exe

4. In the opened window click "Next".

restore system files and settings

5. Select one of the available Restore Points and click "Next" (this will restore your computer system to an earlier time and date, prior to the ransomware infiltrating your PC).

select a restore point

6. In the opened window click "Yes".

run system restore

7. After restoring your computer to a previous date, download and scan your PC with recommended malware removal software to eliminate any remnants of Metropolitan Police virus.

If you cannot start your computer in Safe Mode with Networking (or with Command Prompt), boot your computer using a rescue disk. Some variants of ransomware disable Safe Mode, making its removal more difficult. For this step, you require access to another computer.

After removing Metropolitan Police virus from your PC, restart your computer and scan it with legitimate antispyware software to remove any possible remnants of this security infection.

Other tools known to remove the Metropolitan Police (Your personal computer has been blocked) virus:

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

How to prevent against infection
New Removal Guides
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Top Removal Guides
QR Code
Metropolitan Police virus QR code
Scan this QR code to have an easy access removal guide of Metropolitan Police virus on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.