Hello, my new laptop just gets locked by CIA Special Agent 767 saying ‘files on this computer (documents, photos, videos) have been encypter using an extremely secure and unbreakable algorithm. This means that the files are now useless unless they are decrypted using a key ’. And it ask me $100 USD to purchase a license or key to decrypt my files, in 5 days, the price will be up to $250 even $500. What can I do? I have no money. And what is this CIA thing? Is it real warning from CIA?

Brief Introduction of CIA Special Agent 767 Virus

CIA Special Agent 767 virus is actually a kind of ransomware to scam people out of money. In reality, this ransomware is also a kind of aggressive and harmful Trojan horse to attack and block Windows computer. cyber criminals specifically design this virus and bundle it with different free software installing package or add it into hacked websites to spread online worldwide to target Windows PC to collect more illegal money from victims. Cyber criminals use US CIA badge or logo to trick people into thinking this warning notification is from real CIA Agency. So this virus looks more genuine and many victims will soon rush to pay that $100 USD. However, those entire warning alert is caused by scareware, ransomware or spyware platform to scare people. What victims should do is to remove the Trojan horse together with scareware, malware or spyware completely to unlock your PC screen. CIA Special Agent 767 virus has a strong ability to encrypt your files on computer and if you can’t delete this virus soon, many damages will be done in system.

CIA Special Agent 767 virus will not only lock PC screen to block your access your computer but also keep creating damages to system. It attack Windows Firewall and exploit more vulnerabilities to make system security worse. Programs will be disables, pictures, documents, videos, music or files will be severely corrupted  by this CIA Special Agent 767 virus and can’t open or read even though you have purchase the bitcoin to decrypt. Other malware, Trojan horse, worm, rogue program or spyware will be brought into system without your permission as the security state of system is becoming more and more vulnerable. Eventually our antivirus program will not work normally. Registry will generate different strange entries, vicious files. Start-up items are added with this virus’s executable files, and then once you boot up your computer, this virus locker screen will soon show up to block you to do anything on computer. CIA Special Agent 767 virus clutters system and give wrong command order to instruct system running, so error codes happen frequently. Browser settings are modified, browser redirect occurs often and crazy popups keep showing on every corner of page you visit. Anyway, you should figure out an effective way to completely remove this virus as soon as possible to save your files and your PC.

Some Traits about CIA Special Agent 767 Virus

-Can slow down the performance of the computer, or even blue screen.

-Can create many junk files which occupy a lot of space in hard drive.

-Can download other malicious programs into computer, which make further damage.

-Can redirect you to pages you don’t want all the time no matter what you are doing.

-Take a long time to turn on or shut down your computer

-Your sensitive information can be stolen by hacker who can access to your computer with the help of this Trojan.

-May pretend as an anti-virus program and cheat you that computer is in dangerous, and ask you to pay to remove the threats.

Warm prompt: It’s complicated for people who are not computer savvy or not familiar with the virus to remove the CIA Special Agent 767 Virus. You can contact YooCare/YooSecurity PC professional online service for help:

Screenshot of CIA Special Agent 767 Virus Locker Screen


Removal Guide for PCs with Windows OS

There is a removal guide of Trojan provided here; however, expertise is required during the process of removal, please make sure you are capable to do it by yourself.

>>>>>> Press Ctrl+Shift+Esc keys simultaneously to get the Task Manager to stop the active processes of CIA Special Agent 767 Virus. To do this, you will need to click the “Processes” tag at the top then find out suspicious processes and right click on them and select “End Process”.

Task manager


>>>>>> Click “Start” menu at the lower left corner and type “regedit” in the search programs and files box and press Enter key. Then you will open the “Registry Editor”.

start menu


>>>>>> You will need to find out the suspicious registry files related to this CIA Special Agent 767 Virus in the Registry Editor, They are usually located in: HKEY_LOCAL_MACHINE > SOFTWARE. You need to distinguish them from their “Name” and “Data” at the right column. All of them will be randomly distributed. If you are not good at this, ask for an expert for help.

registry editor

>>>>>> After you find out the suspicious registry files, you need to find out where the .exe files of the Trojan Virus locates. Usually, they will be in the operating system drive. To open it, you will need to click Start menu > Computer & My computer. Generally speaking, the Operating System drive is Local Disk (C:).

Hard diskdrives

>>>>>> Basically speaking, all the related files of CIA Special Agent 767 Virus will be located in Windows > System32. Find out all the files of the Trojan virus and delete them. Make sure that all the files you deleted are viruses, but not the files of the operating system. Any mistakes will cause data loss even system crash.

System 32

Video of Key Steps on How to Modify or Change Windows Registry:


If you see CIA Special Agent 767 locker screen blocking your PC, you should notice that there is some aggressive and harmful Trojan virus, malware and ransomware getting on your PC system. What you should do urgently is to clean out this virus quickly. As this CIA Special Agent 767 virus corrupts and encrypts files, documents, videos, and music even disables system important program. Even though you can decrypt your files on infected computer, files may be seriously damaged by this virus and can’t be recovered eventually. Web browser is spied on by some Trojan horse and your personal info like credit card details, login password, banking account number and password or email will be collected by scam virus and transferred to remote cyber hackers.  Cyber hackers even can control your PC via some kind of dangerous Trojan and get what they want from your PC. So some important data kept in disk would be at a high risk of being leaked out or used illegally in public. This virus is a very big threat to computer security and personal information safety.

Warm prompt: If you are not computer savvy or not familiar with the virus to remove this Trojan Virus. You can contact YooCare/YooSecurity PC professional online service for help:

Published by Tony Shepherd & last updated on December 19, 2016 4:38 am

Leave a Reply