Agencia Federal de Investigación virus (can also be called as Secretaría de Seguridad Pública virus) is a dangerous cyber infection, which tries to make its victims believe that they have a deal with the Mexican governmental organization. Once this virus infiltrates PC, it locks it down and shows an alert that asks to pay the fine of MXN $2000. Besides, it reports about various crimes that have been supposedly violated by the user. While this warning may seem legitimate and trustworthy, it is nothing else but a misleading way used to swindle the money from cyber criminals. It has been used for almost two years, so you should know what you have to do when such threat infiltrates you computer. If you are blocked by Agencia Federal de Investigación virus, ignore its alert and remove malicious files that belong to this ransomware.
HOW CAN I GET INFECTED WITH Agencia Federal de Investigación virus?
Agencia Federal de Investigación virus is distributed by trojan horse, which blocks down PC as soon as it infiltrates it. In addition, it modifies the system for making Agencia Federal de Investigación virus become active every time PC is rebooted. So, all victims of this ransomware find themselves blocked and made to look at the fake notification, which claims:
Su ordenador personal ha sido bloqueado por razones de seguridad vistos los motivos abajo detallados.
Usted está acusado de mirarloonservar y/o divulgar los materiales pornográficas del contenido prohibido (Pornografia infantiUloofilia/Violación etc.). Usted ha infringido la Oedaración mundialde la lucha contra la divulgación de la pornografia infantil y está acusado de cometer el crimen en razón al Artíailo 161 del Código Penal del Estados Unidos Mexicanos.
El monto de su multa es de MXN 52000 Pesos Mexicanos.La multa puede ser pagada con Ukash o PaySafeCard vouchers.
Please, ignore all these statements that you have been associated to child pornography, distribution of copyrighted content and similar activities. We highly recommend removing Agencia Federal de Investigación virus ASAP.
HOW TO REMOVE Agencia Federal de Investigación virus?
If your PC is blocked by Agencia Federal de Investigación virus, you should follow these steps and unblock it:
* Flash drive method:
1. Take another machine and use it to download Reimage other reputable anti-malware program, such as Malwarebytes MalwarebytesCombo Cleaner or Plumbytes Anti-MalwareMalwarebytes Malwarebytes.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Agencia Federal de Investigación virus once more and run a full system scan.
* Users infected with Agencia Federal de Investigación virus are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.
* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.
* Manual Agencia Federal de Investigación virus removal:
- Reboot you infected PC to 'Safe mode with command prompt' to disable Ukash virus (this should be working with all versions of this threat)
- Run Regedit
- Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
- Search the registry for these files you have written down and delete the registry keys referencing the files.
- Reboot and run a full system scan with updated Reimage to remove remaining virus files. You can also try scanning the system with Malwarebytes MalwarebytesCombo Cleaner or Plumbytes Anti-MalwareMalwarebytes Malwarebytes