
Remove Australian Federal Police Virus Effectively

How would you feel if a warning suddenly told you that “Your PC is Blocked”? Does this strange message ring any bells? That is the exact fake message delivered by the recently appeared Australian Federal Police virus. The usual trick of this shameless ransomware is to pretend to come from the federal police in order to borrow authority and credibility, which makes the demand look persuasive and mandatory to a vast number of Internet users. Dressed up with the official police logo and the national flag design, the cunning Australian Federal Police virus forcibly locks the user’s computer screen, accuses them in a formal tone of breaking the “Copyright and Relayed Rights Law”, and demands a 100 dollar fine within 72 hours, threatening serious punishment by law otherwise.

It is definitely an insult to be accused of illegally using or distributing copyrighted content. But most Internet users are not only angry about it, they are also afraid of getting into trouble with the law. Torn between the two, many users finally choose to obey the supposed Australian Federal Police order and pay the money with UKash on time, which does not help, because the nightmare is not over yet. Even after the fine has been paid, the computer screen stays locked, shutting the user out of the system and all the applications. Only God knows what this is all about.

Actually, the Australian Federal Police warning is a scam from beginning to end. The result is the same whether the user pays the fine or not. Once the Australian Federal Police virus has infected the targeted system, it is able to access the computer without limit. Under these circumstances, hackers can take the chance to break into the vulnerable system and steal or destroy the user’s confidential data. No matter how many ways the user tries, the lock screen does not go away. Meanwhile, the fake message scares users into paying through the UKash scam, and the money goes straight to the cyber criminals. Therefore, the only way out of this mess is to remove the Australian Federal Police virus right away.

Firstly, remove the Australian Federal Police virus in Safe Mode with Networking.

In most cases, whenever you have computer problems, using Safe Mode with Networking to repair the system is a good choice. Compared with ordinary Safe Mode, it has the extra ability to connect to the network safely, which is important and necessary while fixing the computer system. Without Safe Mode with Networking, malicious programs may secretly invade the compromised system during the repair.

*Windows XP/7

1. Restart the computer and keep pressing the F8 key before Windows is loaded.

2. Use the down arrow key to select Safe Mode with Networking in the Windows Advanced Options menu.

*Windows 8

Start your computer, open Run, type “msconfig” in the search box, then press OK to continue.
1. In the window that opens, select the Boot tab and locate the item listed there, then check the Network option, finish the configuration and press OK.
2. Reboot your computer; it will automatically enter Safe Mode with Networking.

Secondly, disable all the processes associated with the Australian Federal Police virus.

1. Open the Task Manager.

*By Ctrl+Alt+Del / Ctrl+Shift+Esc keys

Most users prefer to open the Task Manager with the Ctrl+Alt+Del or Ctrl+Shift+Esc keys on the keyboard, because it is simple and easy to do.

*By taskmgr command

Some users are familiar with the computer, so they prefer a more professional way to open the Task Manager. Since the Run command can open programs quickly, we can use it to open the Task Manager as well.
Instructions: click the Start button, then the All Programs folder, click on the Run command under the Accessories folder, type “taskmgr” in the search box, then press Enter.

2. Find and select all the processes related to the Australian Federal Police virus, then end them one by one.

Thirdly, show the hidden files related to the Australian Federal Police virus and delete them.

To confuse the user, the Australian Federal Police virus keeps its important files hidden somewhere in the system, so that they cannot be found easily and the virus gets more time to damage the system. So it is necessary to make those malicious files visible first.

Windows XP/7

1. Click on the Start button to open the Control Panel.
2. Find and click on the Appearance and Themes (Appearance and Personalization in Windows 7) link.
3. Double-click on Folder Options and go to the View tab.
4. Check the “Show hidden files, folders and drives” option and uncheck “Hide protected operating system files (Recommended)”.

5. Click OK to save the changes.

Windows 8

1. In the Start screen, select the Windows Explorer app.

2. In the window that opens, click on the View tab.
3. Put a check mark in the two check boxes, File name extensions and Hidden items.

4. Close the current window to apply the changes.

After that, all the hidden files of the Australian Federal Police virus will show up in the system. Search for the following directories and delete them immediately.
%Appdata%/random letters

Fourthly, delete the malicious registry entries of the Australian Federal Police virus.

The system registry controls all the important activities of the whole operating system; it is a complex combination of system files. Considering its impact on the computer, it is highly recommended to back up the entire registry before any modification. Editing the registry by hand is quite dangerous: the system could easily break if you accidentally modify or delete some specific data, which would cause you trouble and loss. In that case, you can use the registry backup to recover all the keys and values.

Back up the entire registry step by step.

1. Click Start and launch the Run command, type “regedit” in it and hit the Enter key.
* For Windows 8, press the Q key to open the Windows Charms Bar, then type “regedit” in the Apps search bar.

2. On the left side of the Registry Editor, highlight My Computer, then go to the menu bar, select File, then choose Export.

3. Pick a new location for saving the registry backup.
4. Enter a name for the backup in the File name text field.
5. Click the Save button to finish.

With a backup of the registry as insurance, you can follow the instructions below and begin deleting all the registry entries of the Australian Federal Police virus.

Windows XP/7

1. Click Start, then Run, type “regedit” in the search box and click OK.

*FYI: in Windows 7 you can also type “regedit” in the search box.

2. Find and delete the exact registry entries of the Australian Federal Police virus.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger
3. Restart the computer.

Windows 8

1. Find the Search option.

*For Windows 8 desktop

1. Point the cursor at the lower right corner of the screen.
2. Then click the “Search” option as soon as it pops up on the left side of the screen.

*For the Metro UI Start Screen

1. Point the cursor at the lower left corner of the screen and click the right mouse button. Now select the “Search” option on the context menu.
2. When you perform either of the above actions, Windows 8 will load the “Apps” screen. Type “regedit” into the search bar located on the right side of the “Apps” screen.
3. Click the “regedit” search result on the left side of the “Apps” screen. If you see a UAC dialog box, click “Yes” to open the Windows 8 Registry Editor.
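
The registry check from the steps above as a PowerShell script (an added example, not part of the original guide). It goes beyond the two AAWTray.exe entries and lists every Image File Execution Options subkey that carries a Debugger value, because Windows starts the program named in that value in place of the executable the subkey is named after; the function names and the backup file location are assumptions of this example.

```powershell
# Added example: audit Image File Execution Options (IFEO) Debugger values.
# Run from an elevated PowerShell prompt. Function names and the backup
# file location are assumptions of this example, not taken from the guide.
$IfeoPath = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

function Get-IfeoDebugger {
    # One object per IFEO subkey that carries a Debugger value.
    Get-ChildItem -Path $IfeoPath -ErrorAction SilentlyContinue | ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
        if ($props -and $props.PSObject.Properties['Debugger']) {
            New-Object PSObject -Property @{
                Image    = $_.PSChildName
                Debugger = $props.Debugger
            }
        }
    }
}

function Backup-Ifeo {
    # Export the IFEO branch with reg.exe; restore later with "reg import <file>".
    $stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
    $file   = Join-Path $env:USERPROFILE "ifeo-backup-$stamp.reg"
    $regKey = $IfeoPath -replace '^HKLM:', 'HKLM'
    & reg.exe export $regKey $file | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg export failed (exit code $LASTEXITCODE)" }
    $file
}

function Remove-IfeoDebugger {
    # Delete only the Debugger value for one image; supports -WhatIf for a dry run.
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([Parameter(Mandatory = $true)][string]$Image)
    $key = Join-Path $IfeoPath $Image
    if (-not (Test-Path $key)) { Write-Warning "No IFEO key for $Image"; return }
    if ($PSCmdlet.ShouldProcess($key, 'Remove Debugger value')) {
        Remove-ItemProperty -Path $key -Name Debugger -ErrorAction Stop
    }
}

$hits = @(Get-IfeoDebugger)
if ($hits.Count -eq 0) {
    'No IFEO Debugger values found.'
} else {
    $hits | Format-Table Image, Debugger -AutoSize
    "Backup written to $(Backup-Ifeo)"
    # After reviewing the list, dry-run the removal of the entry the guide names:
    # Remove-IfeoDebugger -Image 'AAWTray.exe' -WhatIf
}
```

Review the list before removing anything: a Debugger value can also be set on purpose, for example by a tool that replaces Task Manager.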

Restore the system to its original state from before the Australian Federal Police virus appeared.

Restoring the system brings it back to its original state without reinstalling the operating system or destroying data. It is one of the effective ways to restore the registry, local configuration files, the Windows management tools database, etc., and it is also an effective way to remove the Australian Federal Police virus.
1. Restart the computer and press the F8 key to enter the Windows Advanced Options menu.
2. Use the keyboard to select Safe Mode with Command Prompt, then press Enter.
3. Right-click on My Computer, click on All Programs, and in the Accessories category find System Restore.
*Uncheck the option “Turn off system restore on all drives”.
*Click OK to save the changes.
4. In System Restore, select the “Create a restore point” option.
*Find a restore point named “Before installing the software” in the computer.
*Follow the wizard until it finishes.
5. Select “Restore My Computer to an earlier time”, then open the “Select a restore point” box, choose a date as the restore point and confirm it.
6. The computer system will then be restored automatically. When it finishes, you will get a notification message.

Having suffered a great deal from the Australian Federal Police virus, users should know that a fall into a pit is a gain in your wit. Because of the authoritative appearance of the Australian Federal Police virus, users naturally get confused and fall for the cunning trap. So if you encounter a similar situation, such as an Australian Federal Police warning, the next time, stay calm for a minute and do not make any move before figuring out what is going on. You had better search for it online to find out whether it is true or not. You can also phone the local police agency to clear it up. Just remember, do not obey any order from an unknown agency, especially when it comes to money, which is a scam nine times out of ten.
Of course, we should behave ourselves and never use or spread any copyrighted content, and never watch any material involving pornography and violence, because it is not only immoral but also illegal; we should resolutely resist it.

This ransomware comes in many variants. Unfortunately, most users do not have a clue about the Australian Federal Police virus until they see the media reporting on it, by which time it is already too late to prevent the loss. This kind of crime comes with high risks, but that does not mean it will become less aggressive. On the contrary, it might become more sophisticated and improve itself in a very short period of time. What’s worse, many users choose to keep silent about it and give up resisting, especially when they have been forced to pay the fake fine, which only adds to the nasty virus’s power and prestige.

Like most security threats, the Australian Federal Police virus can spread through traditional channels such as e-mail attachments, but most of the attacks come through the browser. To prevent infection effectively, we should never download any software from unknown sources, and should build a habit of scanning the whole system with anti-virus software as often as possible. Executable files should definitely be checked before they are run on the computer. We should back up important data regularly in case it is destroyed by evil hackers. Meanwhile, pay attention to the computer’s anomalies, such as slowdowns, strange notices appearing, memory running low, etc. In a word, everything you do is meant to minimize the harm as far as possible.

Published on October 17, 2013
