Remove Guardia Civil virus
Removal instructions

Severity scale:  
Guardia Civil virus is also known as Ukash virus, Police virus | Type: Ransomware | Tags: Ukash

Guardia Civil virus is a seriously dangerous ransomware, which is designed for tricking PC users who live in Spain. It can be defined by its fake warning message, which starts with words 'Su ordenador ha sido bloqueada debido a la sospecha de descarga y distribución de contenido ilegal', that mean 'Your computer has been locked for downloading and distributing illegal content'. Of course, this message is fake and it is used for the only aim – hackers expect that it will help them to collect 100 euro from each of the victims. That's why we highly recommend ignoring all huge messages that may appear on your computer's desktop out of nowhere. No matter that they may look like they belong to some govenrmental authority, in reality such warnings belong to hackers. For unlocking your computer, you have to remove Guardia Civil virus from the system.

HOW CAN I GET INFECTED WITH Guardia Civil virus?

Guardia Civil virus is usually spread by trojan horse, which infiltrates computers without any sign. You can prevent its infiltration by following safe browsing practices what means you have to avoid illegal websites, stop using copyrighted content and also ignore all emails that were sent to you by unknown sources. This trojan takes a really important part in the distribution of Guardia Civil virus. It not only downloads its files onto the system but also blocks computer in order to prevent the removal of this ransomware. As soon as this procedure is finished, Guardia Civil virus shows its fake alert:

Guardia Civil
Su ordenador ha sido bloqueada debido a la sospecha de descarga y distribución de contenido ilegal. 
El contenido ilegal mencionado (610 Mb de archivos de vídeo) ha sido clasificado automáticamente como pornografía infantil. 
Dichas acciones violan total o parcialmente las siguiente leyes españolas: Libro II; Título VIII; Capítulo VII La pornografía infantil se regula en el artículo 189 del Código Penal Español: 1. Será castigado con la pena de prisión de uno a tres afros) a) El que utilizare a menores de edad o a incapaces con fines o en espectáculos exhibicionistas o pornográficos, tanto públicos como privados, o para elaborar cualquier clase de material pornográfico, o financiare cualquiera de estas actividades. El que produjere, vendiere, distribuyere, exhibiere o facilitare la producción, venta, difusión o exhibición por cualquier medio de material pornográficos en cuya elaboración hayan sido utilizados menores de edad o incapaces, aunque el material tuviere su origen en el extranjero o fuere desconocido. El que haga participar a un menor o incapaz en un comportamiento de naturaleza sexual que perjudique la evolución o desarrollo de la personalidad de éste, será castigado con la pena de misión de seis meses a un año o multa de seis a doce meses.

Of course, this message is fake and you must ignore it. Paying the fine doesn't help to unlock computers. For that, you will have to follow a special Guardia Civil virus removal guide.

HOW TO REMOVE Guardia Civil virus?

If you are infected with Guardia Civil virus, you shouldn't waste your time because this virus may try to steal your personal information, such as your passwords, browsing habbits and similar data. We recommend using these instructions and eliminating virus from the system:

  1. Reboot your infected computer.
  2. Click Start -> Run and enter (if your are blocked by ransomware, press alt+tab and continue entering this address)
  3. A warning that belongs to ransomware may show up again. In this case, press Alt+Tab and "R" as much as needed. 
  4. Install anti-malware and run a full system scan to remove malicious files from the system.

Manual Guardia Civil virus removal:

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable thisI virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated SpyHunterSTOPzilla or other reputable anti-spyware to remove remaining files.

Flash drive method:

1. Take another machine and use it to download SpyHunter or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Guardia Civil virus once more and run a full system scan.

* Users infected with these ransomware threats are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

*   Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

Automatic Guardia Civil virus removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Guardia Civil virus you agree with our Privacy Policy and Agreement of Use.
remover for Guardia Civil virus
Compatible with OS X
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall Guardia Civil virus. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Do it now!
remover for Guardia Civil virus Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Guardia Civil virus. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Guardia Civil virus using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

We are testing STOPzilla's efficiency at removing Guardia Civil virus (2013-10-23 02:31:08)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Guardia Civil virus (2013-10-23 02:31:08)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Guardia Civil virus (2013-10-23 02:31:08)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing Guardia Civil virus (2013-10-23 02:31:08)
Virus Removal Phone Support
Help Line to remove Guardia Civil virus

Guardia Civil virus manual removal

Kill processes:
Delete files:

Geolocation of Guardia Civil virus

Map reveals the prevalence of Guardia Civil virus. Countries and regions that have been affected the most are: Spain.

Removal guides in other languages

Information added: 10/23/13 02:39; information updated: 10/23/13 02:39

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Post a comment

Attention: Use this form only if you have additional information about Guardia Civil virus parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Recent Malware
Read on mobile
Press Mentions
I failed to remove Guardia Civil virus using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!