Ukash virus. How to remove? (Uninstall guide)

Ukash virus is also known as Police virus | Type: Ransomware | Tags: Ukash
Severity scale:  

Ukash Virus is a dangerous group of ransomwares that must be ignored no matter how convincing they seem to be. Typically, this virus displays a huge alert looking like it was sent by an official institution, such as local police unit or association. This alert creates an image that specific institution, located in your country, is informed that you have been illegally watching copyrighted content, spread malware and did other stuff which is  named as 'illegal activity'. Besides, just like Police virus or FBI virus, it totally locks the system down so that you are not capable to connect to your browser and get on your desktop. As you can see, Ukash virus is a serious cyber threat that can't be eliminated without any help of an expert.


All ransomwares that belong to Ukash virus family are spread with a help of trojans that may come either with infected downloads or through spam emails and their attachments. Of course, user has no idea about Ukash virus and discovers it only when this virus locks his computer down. In addition, victim is welcomed by a huge message titled 'Attention! Illegal activity was revealed' and said that there are some serious law violations found. The main reason why scammers have created Ukash virus is the money which is asked from the user as a 'fine'. This fine should be paid through Ukash pre-paid system. However, you must be aware that there is no such official organization which would collect the fines through such system as Ukash. Besides, such institutions NEVER lock computers down and leave users without the Internet connection. 


If you have also be attacked by Ukash virus, follow these steps that will help you eliminate this threat from your computer:

1. Restart your computer to 'Safe Mode with Networking' with a help of F8 button;

2. Launch MSConfig and disable all startup entries rundll32 turning on any application from Application Data;

3. Restart the system once again

4. Scan your computer with SpyHunter or other anti-spyware program to remove infected files from the system.

UPDATE: You can also try the following methods to remove Ukash virus from your computer:

* Users infected with Ukash group of viruses are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

*   Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

* Manual Ukash virus removal (special skills needed!):

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable FBI virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated SpyHunterSTOPzilla or Malwarebytes Anti Malware to remove remaining files.

Automatic Ukash virus removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Ukash virus you agree with our Privacy Policy and Agreement of Use.
remover for Ukash virus
Compatible with OS X
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall Ukash virus. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Do it now!
remover for Ukash virus Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Ukash virus. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Ukash virus using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.
Alternate Software
We are testing STOPzilla's efficiency at removing Ukash virus (2012-07-26 06:23:43)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Ukash virus (2012-07-26 06:23:43)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Ukash virus (2012-07-26 06:23:43)
Zemana Antimalware
Virus Removal Phone Support
Help Line to remove Ukash virus
Ukash virus screenshot
Ukash virus snapshot

Geolocation of Ukash virus

Map reveals the prevalence of Ukash virus. Countries and regions that have been affected the most are: Netherlands, Belgium, Denmark, United Kingdom and Portugal.

Removal guides in other languages

Information added: 09/24/13 06:37; information updated: 09/24/13 06:37

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Comments on Ukash virus

How do you remove the virus from a mobile phone?
dave christie
none of the above methods worked for me. safe mode with command prompt is inaccessable because the ransomware screen blocks it out, its b*ggered. my only recouse is a new hard drive.
Sorry, this is a little outdated now - Ukash is preventing me from loading safe mode.

Factory format required!

Post a comment

Attention: Use this form only if you have additional information about Ukash virus parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Recent Malware
Read on mobile
Press Mentions
I failed to remove Ukash virus using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!