Secretaría de Seguridad Pública virus is one more ransomware program that misuses a name of police in order to convince computer users they have violated the law and get money from them. Basically, it accuses a victim with using and distributing of copyrighted or pornographic content. The program attacks computers located in Mexico and asks to pay 2000 Mexican Pesos for these violations. Here is how the message looks like:
Secretaría de Seguridad Pública (SSP)
Procuraduría General de la República (PGR)
Agencia Federal de Investigación (AFI)
ATENCIÓN! Su ordenador personal ha sido bloqueado por razones de seguridad vistos los motivos abajo detallados.
Usted está acusado de mirarloonservar y/o divulgar los materiales pornográficas del contenido prohibido (Pornografia infantiUloofilia/Violación etc.). Usted ha infringido la Oedaración mundial
de la lucha contra la divulgación de la pornografia infantil y está acusado de cometer el crimen en razón al Artíailo 161 del Código Penal del Estados Unidos Mexicanos.
El articulo 161 del Código Penal del Estados Unidos Mexicanos prevé a titulo de punición la encarcelación por el plazo desde 5 hasta 11 años.
Además, usted es sospechoso de la violación de la ‘Ley de los derechos de autor y adyacentes’ (descarga de música pirata, video, soporte logico sin licencia) y uso y/o divulgación
del contenido defendido por el derecho de autor. con eso usted es sospechoso de la infracción del Articulo 148 del Código Penal del Estados Unidos Mexicanos.
El artículo 148 del Código Penal del Estados Unidos Mexicanos prevé a titulo de punición una multa por la cantidad desde 150 hasta 550 valores básicos o encaroelación por el plazo desde 3 hasta 7
años.
Do not trust this warning as you will pay to the cyber criminals and not to the actual police. No official institutions would ever collect the fines this way. Secretaría de Seguridad Pública virus message should not be taken for the official warning under any circumstances. As you see the program asks you to make a payment using Ukash or Paysafecard payment systems. These systems require prepaid cards in order to make transactions. Police would never use such methods.
We highly recommend removing Secretaría de Seguridad Pública virus from your system as soon as you detect it on your computer. As the program completely blocks infected computer and does not allow running any of the programs and not even task Manager, the removal can be quite complicated. Below we provide several methods how to get rid of Secretaría de Seguridad Pública virus. Choose the one that suits your situations.
If your computer has more than one user account and not all of them are locked, scan whole PC with anti-malware programs, e.g. Malwarebytes or spyhunter, by logging to the account that is not blocked. Another option is to use system restore. If none of these methods worked for you, do the following:
- Restart your computer;
- Press F8 while it is still restarting;
- Choose between safe modes in following order: Safe mode, Safe mode with command prompt
Then follow the guides below:
If your computer runs in Safe mode or Safe mode with networking
- Launch MSConfig.
- Disable startup items rundll32 turning on any application from Application Data;. Note, that these are typical locations for Secretaría de Seguridad Pública virus but some others might be used.
- Restart the system once again.
- Scan with https://www.2-viruses.com/downloads/spyhunter-i.exe to identify Secretaría de Seguridad Pública virus files and delete it.
Here is a video showing how to complete the steps:
If your computer runs in Safe mode with command prompt
- Run Regedit.
- Search for WinLogon Entries. Write down all files it references that are not explorer.exe or blank. Replace them with explorer.exe
- Search registry for Secretaría de Seguridad Pública virus files and delete the registry keys referencing the files
- Try to reboot and scan with Malwarebytes or Spyhunter.
- If this fails, try doing system restore from safe mode with command prompt (rstrui.exe)
If none of safe modes could be launched
Some versions of Secretaría de Seguridad Pública virus disable all safe modes, but give a short gap that you can use to run anti-malware programs:
- Reboot normally.
- Start->Run.
- Enter: http://2-viruses.com/downloads/spyhunter-i.exe . If malware is loaded, just press alt+tab once and keep entering the string blindly. Press Enter.
- Press Alt+tab and then R couple times. Secretaría de Seguridad Pública virus process should be killed.
Here is a video detailing this approach:
Hitman Pro USB disk
If you did not succeed using any of the methods above, try scanning PC with a bootable USB or DVD disk. These should be able to remove all versions of Secretaría de Seguridad Pública virus, but will not work if your hard drive is encrypted.
For that, we recommend using Hitman Pro Kickstarter USB.
- Download Hitman Pro on uninfected PC.
- Run Hitman and ask to create Kickstarter USB (option on initial screen)
- When USB ready, reboot infected PC with USB attached and press DEL
- Choose USB as primary boot device.
- Boot normally.
- Run Hitman Pro and https://www.2-viruses.com/downloads/spyhunter-i.exe . One of these programs should detect and remove malware from your PC.
Automatic Malware removal tools
(Win)
Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,
(Mac)
Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,
I was success controlling the block issue by deleting the following two files Start sequence. No issues after 3 days:
– 81jwwlfv
– rodod928