How to remove Police Central e-crime Unit (Virus Removal)

As of June 2012 two separate variants of ransomware titled Police Central e-crime Unit ransomware 1. Win32/Weelsof and 2. Win32/Reveton have been infecting numerous computers disguised as police units such as the Specialist Crime Directorate or Metropolitan Police. The Police Central e-crime Unit ransomware locks computer systems, claims the operating system or internet browser is locked due to a violation of laws, which may include distributing and visiting illegal pornography, such as child pornography, and zoofila, among other false claims. The e-crime Unit virus then demands a fine of 100 Euro or $100 (or other) be paid by UKash, Paysafecard, or other currency services.

Police Central e-crime Unit ransomware symptoms

1. Win32/Weelsof

■ A fake alert from an online authority Metro Police  stating the infected computer has been violating the law which states “this computer was locked to stop your illegal activity.”

■ Fake violation claims include: Your IP address was used to visit websites containing pornography, child pornography, zoofila, and child abuse.

■ The infection claims “Your computer also contains video files with pornographic content, elements of violence, and child pornography. Spam-messages with terrorist motives were also sent from your computer.” (please be aware these are false claims)

■ A demand for a penalty fine is made by the infection in order for infected systems to become unlocked and accessible again. “To unlock the computer you must pay a fine of 100 E” by use of Ukash or Paysafecard services.

Metropolitan Police Police Central e-crime Unit Virus
The first variant belongs to the Win32/Weelsof malware family. Basically, it’s a Trojan that allows hackers to perform a number of actions on the infected computer. And they certain can launch such fake Police warnings as shown in the image below.

While Win32/Weelsof clearly targets the United Kingdom, the infection has spread to many other countries as well and is expected to progress, change, and adapt to other countries in the future.

2. Win32/Reveton

■ A fake alert from an online authority Specialist Crime Directorate stating the infected computer has been violating the law which states “Your computer is blocked due to at least one of the reasons specified below.”

■ You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article 128 of the Criminal Code of Great Britain.

■ Article 128 of the Criminal Code provides for a fine of two to five hundred minimal wages or a deprivation of liberty for two to eight years.

■ You have been viewing or distributing prohibited Pornographic content (Child Porno/Zoofilia and etc). Thus violating article 202 of the Criminal Code of Great Britain.

■ Illegal access to computer data has been initiated from your PC, or you have been… (incomplete wording)

■ Article 208 of the Criminal Code provides for a fine up to E 100,000 and/or a deprivation of liberty for four to nine years.

■ Illegal access has been initiated from your PC without our knowledge or consent, your PC may be infected by malware, thus you are violating the law on Neglectful Use of Personal Computer. (No such law)

Specialist Crime Directorate Police Central e-crime Unit virus

The second variant of Police Central e-crime Unit (PCeU) ransomware belongs to the Win32/Reveton malware family. The fake waning is different than the Weelsof version and much more sophisticated, claiming to be from Specialist Crime Directorate rather than Metropolitan Police.

How to remove Police Central e-crime Unit (Removal Instructions)

1. We strongly recommend writing down the toll free number below in case you run into any issues or problems while following the instructions. Our techs will kindly assist you with any problems.

1-888-986-8411
if you need help give us a call

2. Download and install the free or full version of Malwarebytes Anti-Malware.

download buy now

3. Open Malwarebytes Anti-Malware.

malwarebytes

4. Click the large Scan Now button or visit the “Scan” tab to scan your computer for Police Central e-crime Unit malware and malicious files.

malwarebytes anti-malware

5. Once the scan is complete, click the Quarantine All button to remove the files and restart your computer.

If you are still having issues with malware it is recommended to download and install a second opinion scanner, such as HitmanPro by Surfright to eradicate existing malicious files.

User accounts

Ransomware usually infects 1 user account on Windows systems at a time. Here are some tips to remove ransomware by using different user accounts.

  1. Log into an account not affected by malware (with administrative rights) and perform a scan with reputable software to detect and remove malware.
  2. You can also delete the infected account.
  3. Other options include creating a new user account to remove malware if only 1 Window’s user account is present on the computer system.

Internet/network issues

Safe Mode With Networking can be used to access the Internet for updates, drivers, removal software, or other files if internet and network connectivity is compromised.

Sean Doyle

Sean is a distinguished tech author and entrepreneur with over 20 years of extensive experience in cybersecurity, privacy, malware, Google Analytics, online marketing, and various other tech domains. His expertise and contributions to the industry have been recognized in numerous esteemed publications. Sean is widely acclaimed for his sharp intellect and innovative insights, solidifying his reputation as a leading figure in the tech community. His work not only advances the field but also helps businesses and individuals navigate the complexities of the digital world.

162 Responses

  1. Anonymous says:

    My android tablet has this virus and i can’t access anything ….it just keeps showing the police screen…any ideas plz????

  2. Anonymous says:

    I can’t download the anti malware software onto my tablet, any ideas?

  3. Colin says:

    How can i clear of my android tablet this virus

  4. Andrew says:

    I always turn off my computer when this obviously bogus message comes up, then reboot, no problem. But why can’t the perpetrators be tracked down and stopped?

  5. Anonymous says:

    just uninstalled the browser and it worked

  6. Anonymous says:

    Starting in Safemode, and then doing a system restore did the trick! Cheers mate 🙂

  7. baiba says:

    how to remove metropolitan police virus from mac, please!!!!>>>?????

  8. Anthony says:

    Thanks! This advice proved useful in getting rid of this problem. The virus had disabled safe mode but safe mode with command prompt worked.

  9. Anonymous says:

    To reiterate everyone else – thank you so much, you’re a true gem.

  10. Anonymous says:

    Thanks for the advice dude. It worked and saved me a lot of money.

  11. Anonymous says:

    You are an amazing person, literally saves my life

  12. Jim says:

    Don’t usually comment on things like this but thank you for your expert advice!

    Tip for anyone also having this issue: Try logging onto a different user (if you can) I logged onto another downloaded the free malware and that killed the virus from their account. I had 160 virus files in total!!

    Using the free malware software was very quick and easy so I would recommend that as a good first option!

    Thank you Sean! Hero!

  13. Tony says:

    Thank you very much you save not just my computer but my kids homework.

  14. Anonymous says:

    thank you sooo much

  15. Louis says:

    Thanks I was scared shirtless when this thing came up cheers

  16. Ben says:

    Thank you soo much you saved my f****** a**, shat myself when the thing came up.

  17. Anonymous says:

    wow i was jus abouts to commit so many vegences n im not a bad guy she lookt older than 20

  18. Anonymous says:

    So far so good, a real thank you to you…. Helped a huge amount

  19. Greg says:

    Seriously dude I fucking love you so much you properly saved my skin on this one 😀

  20. john says:

    This one had me stumped for a good while. And a heads up to anyone else trying to download don’t mess with the zohan don’t do it

  21. anon says:

    thanks for that, I think my computer is ok… and I have learned a lesson, and that’s to wake the wife up, if you know what I mean.

  22. Andrew says:

    Your advice was priceless. Was expecting to at least have to take it to a local computer repairer but after following your simple instructions the virus was removed first time. It’s good to see that some websites can be trusted to give you helpful advice. Thank you.

  23. Ellis says:

    I just want to thank you so much Sean! I was scared I was going to have police round knocking for me

  24. Alan says:

    Police Central e-crime Unit ransomware virus

    If It Helps You, These Are The Names Of The Virus.

    139d2e78.dll & 139d2e78.exe

    They Were Found In ‘C’ Drive / My Documents In A Folder With Photo’s

    Naming Themselves As FM Radio As Where The Photos.
    When Clicked On Their Properties They Were Named As,

    Adobe Collaboration Synchroniser 10.0

    As It Uses Adobe Flash Player To Pop Up The Screen On Your Computer.

  25. John says:

    Thanks Sean, very much indeed – that did the trick. Nasty little fella that one.

  26. Anonymous says:

    Thank you so very much. I was close to paying £100 and scared of police knocking on my door.

  27. Luke says:

    Thank you is too little to say

  28. Anonymous says:

    Thankssss!!!!!!

  29. Anonymous says:

    i literally cannot thank you enough

  30. ALAN says:

    i think i love you Sean Doyle

  31. kyle says:

    thankyou so much

  32. shankar says:

    thanks a lotttttt………………

  33. Anonymous says:

    Thanks a million to Sean Doyle. Your knowledge and help is a great influence. Once again, thank you very very much.

  34. Anonymous says:

    Got caught out with this one !!!!
    Started in safe with networking
    Then used system restore
    Seems to be ok now !!!
    Cost me £100
    Must search the net next time !!!!
    Thanks for the help

  35. Anonymous says:

    CAn I just use Mcafee anti virus in safe mode

  36. Anonymous says:

    Many Many thanks. At last nearly paid the £100 !!!

  37. Anonymous says:

    Big Thanks Sean, I was so scared when the block poped up. I was in fact watching porn but not child porn, and thought that this accusation might have been accessed through other pop up windows. I did indeed buy UKash voucher of £100 entered it and the block went off after 25-30 minutes bringing my laptop back to normal, but never had I thought that it would be a virus as it looked so convincing and demanding

  38. Anonymous says:

    Thank you so much, great help

  39. Anonymous says:

    Awesome.fantastic thank you very much

  40. cookie says:

    this virus infected my laptop yesterday on my account,i simply then logged into my girlfriends account which wasnt blocked with the virus and deketed my account and set up a new one,my laptop is working fine but is this virus still on it???

  41. Anonymous says:

    Thanks great easy to follow steps, much appeciated.

  42. Anonymous says:

    thanks alot

  43. Anonymous says:

    thank you so much, fixed my computer!!!

  44. Anonymous says:

    thanks a million for the fantastic step by step help

  45. Anonymous says:

    Thanks!!! that was great! i called a tech center and they wanted me to pay £200 to solve the problem. Thought that was excessive so googled the virus an found this page. Everything is sorted now for free!!!

  46. Anonymous says:

    you r a life safer, thank you

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.