Title: Guardia Civil virus
Type: Ransomware
Also known as: Ukash virus, Police virus

Remove Guardia Civil virus
Removal instructions

 
Severity scale:Guardia Civil virus severity is 98  (98 / 100)
 

Guardia Civil virus is a seriously dangerous ransomware, which is designed for tricking PC users who live in Spain. It can be defined by its fake warning message, which starts with words 'Su ordenador ha sido bloqueada debido a la sospecha de descarga y distribución de contenido ilegal', that mean 'Your computer has been locked for downloading and distributing illegal content'. Of course, this message is fake and it is used for the only aim – hackers expect that it will help them to collect 100 euro from each of the victims. That's why we highly recommend ignoring all huge messages that may appear on your computer's desktop out of nowhere. No matter that they may look like they belong to some govenrmental authority, in reality such warnings belong to hackers. For unlocking your computer, you have to remove Guardia Civil virus from the system.

HOW CAN I GET INFECTED WITH Guardia Civil virus?

Guardia Civil virus is usually spread by trojan horse, which infiltrates computers without any sign. You can prevent its infiltration by following safe browsing practices what means you have to avoid illegal websites, stop using copyrighted content and also ignore all emails that were sent to you by unknown sources. This trojan takes a really important part in the distribution of Guardia Civil virus. It not only downloads its files onto the system but also blocks computer in order to prevent the removal of this ransomware. As soon as this procedure is finished, Guardia Civil virus shows its fake alert:

Guardia Civil
Su ordenador ha sido bloqueada debido a la sospecha de descarga y distribución de contenido ilegal. 
El contenido ilegal mencionado (610 Mb de archivos de vídeo) ha sido clasificado automáticamente como pornografía infantil. 
Dichas acciones violan total o parcialmente las siguiente leyes españolas: Libro II; Título VIII; Capítulo VII La pornografía infantil se regula en el artículo 189 del Código Penal Español: 1. Será castigado con la pena de prisión de uno a tres afros) a) El que utilizare a menores de edad o a incapaces con fines o en espectáculos exhibicionistas o pornográficos, tanto públicos como privados, o para elaborar cualquier clase de material pornográfico, o financiare cualquiera de estas actividades. El que produjere, vendiere, distribuyere, exhibiere o facilitare la producción, venta, difusión o exhibición por cualquier medio de material pornográficos en cuya elaboración hayan sido utilizados menores de edad o incapaces, aunque el material tuviere su origen en el extranjero o fuere desconocido. El que haga participar a un menor o incapaz en un comportamiento de naturaleza sexual que perjudique la evolución o desarrollo de la personalidad de éste, será castigado con la pena de misión de seis meses a un año o multa de seis a doce meses.

Of course, this message is fake and you must ignore it. Paying the fine doesn't help to unlock computers. For that, you will have to follow a special Guardia Civil virus removal guide.

HOW TO REMOVE Guardia Civil virus?

If you are infected with Guardia Civil virus, you shouldn't waste your time because this virus may try to steal your personal information, such as your passwords, browsing habbits and similar data. We recommend using these instructions and eliminating virus from the system:

  1. Reboot your infected computer.
  2. Click Start -> Run and enter http://www.2-spyware.com/download/hunter.exe (if your are blocked by ransomware, press alt+tab and continue entering this address)
  3. A warning that belongs to ransomware may show up again. In this case, press Alt+Tab and "R" as much as needed. 
  4. Install anti-malware and run a full system scan to remove malicious files from the system.

Manual Guardia Civil virus removal:

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable thisI virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated SpyHunterSTOPzilla or other reputable anti-spyware to remove remaining files.

Flash drive method:

1. Take another machine and use it to download SpyHunter or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Guardia Civil virus once more and run a full system scan.

* Users infected with these ransomware threats are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

*   Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.

Automatic Guardia Civil virus removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Guardia Civil virus you agree with our Privacy Policy and Agreement of Use.
SpyHunter is recommended remover to uninstall Guardia Civil virus. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

If you failed to remove Guardia Civil virus using SpyHunter, submit question to our support team and provide as much details as possible.
dot
STOPzilla
download
manual required
We are testing STOPzilla's efficiency at removing Guardia Civil virus (2013-10-23 02:31:08)
dot
Malwarebytes Anti Malware
download
manual required
We are testing Malwarebytes Anti Malware's efficiency at removing Guardia Civil virus (2013-10-23 02:31:08)
dot
XoftSpySE Anti Spyware
download
manual required
We are testing XoftSpySE Anti Spyware's efficiency at removing Guardia Civil virus (2013-10-23 02:31:08)
dot
Defender Pro Ultimate
download
manual required
We are testing Defender Pro Ultimate's efficiency at removing Guardia Civil virus (2013-10-23 02:31:08)

what to do if you failed to remove the infection?
Virus Removal
Phone Support
Help Line to remove Guardia Civil virus
Guardia Civil virus snapshot:

Guardia Civil virus manual removal:

Kill processes:
[random].exe
Delete files:
[random].exe

Geolocation of Guardia Civil virus:

This map reveals the prevalence of Guardia Civil virus. Countries and regions that have been affected the most are: Spain.

QR code for Guardia Civil virus removal instructions:

Guardia Civil virus qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like Guardia Civil virus are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Guardia Civil virus right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2013-10-23 02:39:16
Information updated: 2013-10-23 02:39:16

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Post Comment:

Attention: Use this form only if you have additional information about Guardia Civil virus parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter please unsubscribe here
48646 Subscribers
Ask us
I failed to remove Guardia Civil virus using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!
add text box
rss feed
help other