FacebookTwitterLinkedIn

Policia Federal Argentina Virus

Also Known As: PFA Ransomware
Type: Ransomware
Damage level: Severe

Tomas Meskauskas Written by on (updated)

What is Policia Federal Argentina?

The Policia Federal Argentina message blocks computer users' desktops, demanding payment of a 200 ARS fine. This is a ransomware virus and should not be trusted - a scam developed by cyber criminals. The main goal of PFA ransomware is to extort money from unsuspecting PC users.

There are several ransomware families targeting computer users from Argentina including Raxm and Urausy (screenshots below). No genuine international authorities collect fines for any law violations by locking PC users' screens - this message is a cleverly-designed scam, which exploits the names of local authorities.

Note that ransomware infections are often localized and capable of changing the user interface according to the location of the computer that they infiltrate.

For example, a ransomware virus infiltrating a PC located in the USA adapts the fake message to deliver it in English as if sent by the FBI Cyber Division or simply, the FBI. PC users from Argentina should realize that messages of this type from the PFA are scams, and that paying any fine is equivalent to sending 200 ARS to cyber criminals.

Policia Federal Argentina Ukash virus Ministerio de seguidad PFA scam

Policia Federal Argentina has no connection with these messages. If you see such a message on your screen, your PC is infected with a ransomware virus. Commonly, this malware infects users' computers by detecting and exploiting security vulnerabilities via Trojans and drive-by downloads.

To protect systems from these malicious messages, use legitimate antivirus and anti-spyware software and ensure that you download software updates and video codecs from legitimate sources only. Do not use Ukash or PaySafeCard to pay this fake fine - use the removal guide provided to eliminate this scam from your computer.

Ukash (Smart Voucher Limited) is a legitimate company and not related to ransomware viruses - cyber criminals use this service to extort money from unsuspecting PC users.

A fake message displayed by the Policia Federal Argentina Ukash virus:

Policia Federal Argentina

¡ATENCIÓN! Su OP (ordenador) está bloqueado debido a al menos una de las razones especificadas siguientes. Usted ha violado derecho de autor y los derechos conexos (vídeo, música, software) y ha utilizado de una manera ilegal con la distribución de contenido los derechos de autor, infringiendo asi el artículo 128 del Criminal Codo de la República de Argentina.
El articulo 128 del Criminal Code prevé una multa 200 a 500 de los salarios mínimos o la privación de la libertad de 208  años.
Usted ha visto o distribuido el contenido prohibido pornográfico (pomo infantil/Zoofilia y etc), violando asi el articulo 202 del Criminal Codo de la República de Argentina. El articulo 202 del Criminal Codo prevé la privación de la libertad de 4 a 12 años.
El acceso ilegal al contenido prohibido se ha iniciado desde su OP (ordenador), o usted habla sido...
El artículo 208 del Criminal Codo prevé una multa hasta ARS 5300,000 (Peso) y/o la privación de la libertad de 4 a 9 años.
El acceso ilegal se ha iniciado desde su OP (ordenador) sin su conocimiento o consentimiento, su OP puede ser infectado por malware, por eso usted está violando la ley sobre el «Uso negligente de un OP (ordenador) personal>. El artículo 210 del Criminal Codo prevé una multa de ARS 56,000 (Peso) a ARS 524,000 (Peso).
La distribución de spam o una otra publicidad ilicita se ha efectuado desde su OP (ordenador) como una actividad con fines de lucro o sin su conocimiento, su OP (ordenador) puede ser infectado por malware.
El articulo 212 del Criminal Code prevé una multa hasta ARS 5750,000 (Peso) y una privación de la libertad hasta 6 años. En caso de que esta actividad se ha realizado sin su conocimiento, usted se cae en el mencionado artículo 210 del Criminal Codo de la República de Argentina.
Su personalidad y la dirección están siendo identificadas, un caso criminal va a ser lanzado en su contra en conformidad con uno o varios artículos mencionados dentro de las próximas 72 horas.
En conformidad con la enmienda al Criminal Code de la República de Argentina del 04 de Febrero 2013, esta infracción de la ley (si no se repite - la primera vez) puede ser considerada como condicional en caso de que usted paga la multa al Estado.
Las multas deben solamente ser pagadas durante 72 horas después de la infracción. Tan pronto como 72 horas transcurren, su posibilidad de pagar la multa será expirada, asi, un proceso penal será automáticamente iniciado en su contra durante las próximas 72 horas! El importe de ta multa es de ARS $200 (Peso) o USD $50 (US Dólar). Usted puede pagar- esta multa por PaySafeCard o Ukash.
Cuando usted paga la multa, su OP (ordenador) será debloqueado durante de 1 a 72 horas después de que el dinero arriba en la cuenta del Estado.

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
 ▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

Policia Federal Argentina Ukash virus removal:

Step 1

Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Step 2

Log in to the account infected with Policia Federal Argentina Ukash virus. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all entries detected.


If you cannot start your computer in Safe Mode with Networking, try performing a system restore.

Video showing how to remove ransomware virus using "Safe Mode with Command Prompt" and "System Restore":

1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.

Boot your computer in Safe Mode with Command Prompt

2. When Command Prompt Mode loads, enter the following line: cd restore and press ENTER.

system restore using command prompt type cd restore

3. Next, type this line: rstrui.exe and press ENTER.

system restore using command prompt rstrui.exe

4. In the opened window click "Next".

restore system files and settings

5. Select one of the available restore points and click "Next" (this will restore your computer system to an earlier time and date, prior to the ransomware infiltrating your PC).

select a restore point

6. In the opened window click "Yes".

run system restore

7. After restoring your computer to a previous date, download and scan your PC with recommended malware removal software to eliminate any remnants of Policia Federal Argentina Ukash virus.

Other tools known to remove the Policia Federal Argentina Ukash virus:

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

How to prevent against infection
New Removal Guides
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Top Removal Guides
QR Code
PFA Ransomware QR code
Scan this QR code to have an easy access removal guide of PFA Ransomware on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.