Ukash virus  

Ukash virus. How to remove? (Uninstall guide)

by ,   Also known as Police virus | Type: Ransomware

Ukash Virus is a dangerous group of ransomwares that must be ignored no matter how convincing they seem to be. Typically, this virus displays a huge alert looking like it was sent by an official institution, such as local police unit or association. This alert creates an image that specific institution, located in your country, is informed that you have been illegally watching copyrighted content, spread malware and did other stuff which is  named as 'illegal activity'. Besides, just like Police virus or FBI virus, it totally locks the system down so that you are not capable to connect to your browser and get on your desktop. As you can see, Ukash virus is a serious cyber threat that can't be eliminated without any help of an expert.


All ransomwares that belong to Ukash virus family are spread with a help of trojans that may come either with infected downloads or through spam emails and their attachments. Of course, user has no idea about Ukash virus and discovers it only when this virus locks his computer down. In addition, victim is welcomed by a huge message titled 'Attention! Illegal activity was revealed' and said that there are some serious law violations found. The main reason why scammers have created Ukash virus is the money which is asked from the user as a 'fine'. This fine should be paid through Ukash pre-paid system. However, you must be aware that there is no such official organization which would collect the fines through such system as Ukash. Besides, such institutions NEVER lock computers down and leave users without the Internet connection. 


If you have also be attacked by Ukash virus, follow these steps that will help you eliminate this threat from your computer:

1. Restart your computer to 'Safe Mode with Networking' with a help of F8 button;

2. Launch MSConfig and disable all startup entries rundll32 turning on any application from Application Data;

3. Restart the system once again

4. Scan your computer with SpyHunter or other anti-spyware program to remove infected files from the system.

UPDATE: You can also try the following methods to remove Ukash virus from your computer:

* Users infected with Ukash group of viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

*   Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

* Manual Ukash virus removal (special skills needed!):

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable FBI virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated SpyHunterSTOPzilla or Malwarebytes Anti Malware to remove remaining files.
It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
SpyHunter - remover Happiness
Compatible with Microsoft Windows
What to do if failed? If you failed to remove infection using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.
SpyHunter is recommended to uninstall Ukash virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of SpyHunter malware removal tool.

More information about this program can be found in SpyHunter review.

If you decided to select another anti-spyware, uninstall SpyHunter from your computer.
more than 40.000.000 downloads!
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall Ukash virus. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Alternate Software
We are testing STOPzilla's efficiency (2013-09-24 06:37)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2013-09-24 06:37)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency (2013-09-24 06:37)
Defender Pro Ultimate
Ukash virus screenshot
Ukash virus snapshot

Geolocation of Ukash virus

Map reveals the prevalence of Ukash virus. Countries and regions that have been affected the most are: Netherlands, Belgium, Denmark, United Kingdom and Portugal.

Removal guides in other languages

Information updated:

Comments on Ukash virus

How do you remove the virus from a mobile phone?
dave christie
none of the above methods worked for me. safe mode with command prompt is inaccessable because the ransomware screen blocks it out, its b*ggered. my only recouse is a new hard drive.
Sorry, this is a little outdated now - Ukash is preventing me from loading safe mode.

Factory format required!

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook