Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
[RESOLVED] Police e-crime virus removal
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: Police e-crime virus removal
[RESOLVED] Police e-crime virus removal
06-11-2012 9:04 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
One of the XP accounts on my PC appears to be infected with the Police e-crime virus. On logging into the account what appears to be a pdf appears in full screen, and the PC is then locked. Cntr-Alt-Del doesn't work, the only way out is a hard reset by holding in the power button.
Two other XP accounts on the same PC are unaffected (so far), one of which has administrator privileges. Running a scan with AVG Free 2012 from this account initially found the infection and removed it to the virus vault, but the infected account remained infected, and subsequent scans did not find an infection.
Has anyone any experience of this virus and knows how to remove it?
Two other XP accounts on the same PC are unaffected (so far), one of which has administrator privileges. Running a scan with AVG Free 2012 from this account initially found the infection and removed it to the virus vault, but the infected account remained infected, and subsequent scans did not find an infection.
Has anyone any experience of this virus and knows how to remove it?
My other car isn't a Ferrari
6 REPLIES 6
Re: Police e-crime virus removal
06-11-2012 10:19 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
A bit long-winded but try this....
http://botcrawl.com/how-to-remove-the-police-central-e-crime-unit-ransomware-virus-metropolitan-poli...
http://botcrawl.com/how-to-remove-the-police-central-e-crime-unit-ransomware-virus-metropolitan-poli...
Re: Police e-crime virus removal
07-11-2012 8:09 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
malware bytes clears it. http://www.malwarebytes.org/
load malwarebytes onto a clean drive (USB data stick), reboot 'safe with networking', run malwarebytes.
Neighbour's son was infected with it recently.
load malwarebytes onto a clean drive (USB data stick), reboot 'safe with networking', run malwarebytes.
Neighbour's son was infected with it recently.
Re: Police e-crime virus removal
07-11-2012 9:12 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Typically this type of virus works using a sort of pester-power on steroids - so much activity that nothing else cannot get a look-in or is deliberately suppressed. I generally boot into Safe Mode then use a start-up modifier program like Autoruns http://technet.microsoft.com/en-gb/sysinternals/bb963902.aspx to turn-off the virus. With a bit of practice it is easy to identify the virus in the long list because it is not digitally signed and not in a normal location for a program file. Once you have stopped the virus from starting automatically you can use the security software of your choice to remove the actual file and associated settings. Malwarebytes is indeed a good choice
Re: Police e-crime virus removal
08-11-2012 10:23 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks for the advice.
Progress so far.
AVG scans still report no current infection since the initial scan which detected and quarantined the virus. However, the affected XP account cannot be accessed without the virus screen warning displaying and freezing the PC. It also appears to be preventing a system restore to any restore point. Quite a nasty little beggar, although more of an inconvenience atm rather than a threat.
The next step is to see if malwarebytes cures the infection, but if AVG no longer detects it and the virus only affects one account, I don't have much confidence of success. Here's hoping.
If not successful I might try deleting the account and re-instating it
Progress so far.
AVG scans still report no current infection since the initial scan which detected and quarantined the virus. However, the affected XP account cannot be accessed without the virus screen warning displaying and freezing the PC. It also appears to be preventing a system restore to any restore point. Quite a nasty little beggar, although more of an inconvenience atm rather than a threat.
The next step is to see if malwarebytes cures the infection, but if AVG no longer detects it and the virus only affects one account, I don't have much confidence of success. Here's hoping.
If not successful I might try deleting the account and re-instating it
My other car isn't a Ferrari
Re: Police e-crime virus removal
08-11-2012 10:40 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
If you care to follow my strategy and use Autoruns (which will run happily in Safe Mode) look for a program that is launched from a location within the folders belonging to the affected user account. It's very rare for a legitimate program to do that (although Google Chrome is an exception that proves the rule).
Re: Police e-crime virus removal
12-11-2012 9:44 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Problem now resolved :). Malwarebytes detected, quarantined and deleted 4 files which AVG (free version) failed to detect.
My other car isn't a Ferrari
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: Police e-crime virus removal