Severity scale:  
  (99/100)

Homeland Security virus. How to remove? (Uninstall guide)

removal by Jake Doevan - -   Also known as Ukash virus, Police virus | Type: Ransomware

Homeland Security virus (can also be called as U.S. Department of Homeland Security virus) is dangerous ransomware, which belongs to cyber criminals. They have already became famous for their extremely dangerous Ukash parasites, such as FBI virus, FBI Cybercrime Division virus, FBI Moneypak virus and many other ones. While it may seem that they all attack USA, you should be aware that there are hundreds of similar threats that are spread in Europe and other regions.

So, when having Homeland Security virus on your computer, you should never think that its owner is a real U.S. Department. In reality, this program is used as a tool to extort the money from unaware PC users, That's why it is designed to block the whole system down as soon as it gets inside it and additionally show a misleading alert asking o pay the fine for malicious user's activities on the Internet. U.S. Department of Homeland Security virus will report about downloading and distributing pirated content, spreading spam, visiting malicious websites and similar activities. No matter that it looks trustworthy, you should never pay this fine of 300 dollars because this won't unblock your computer. You have to remove Homeland Security virus for that.

HOW CAN I GET INFECTED Homeland Security virus?

Just like its forerunners, Homeland Security virus is distributed by Trojan.LockScreen. This dangerous infections uses security vulnerabilities for getting inside undetected. Additionally, it blocks the whole system down and downloads those files that are needed for this ransomware. Once it is done, U.S. Department of Homeland Security virus gets ability to start its dirty campaign against the user. It replaces the desktop with a huge notification, which reports about various law violations detected. If you think that rebooting to Safe Mode/Safe Mode with Networking will help you to unblock your machine, you shouldn't because this ransomware doesn't allow these things. It only shows its fake alert on the desktop:

U.S. Department of Homeland Security
National Cyber Security Division
This computer has been blocked
THE WORK OF YOUR COMPUTER HAS BEEN SUSPENDED ON THE GROUNDS OF THE VIOLATION OF THE LAW OF THE UNITED STATES OF AMERICA.
(…)
Article 184. Pornography involving childrenImprisonment for the term of up to 10-15 years(The use or distribution of pornography material)
Artticle 171. CopyrightImprisonment for the term of up to 2-5 years. (The use or sharing copyrighted files)
Article 113. The use of unlicensed softwareImprisonment for the term of up to 2 years (The use of unlicensed software)
(…)
To unlock the computer you are obliged to pay a fine of $300. You must pay the fine through MoneyPAK.
You have 48 hours to pay the fine. If the fine has not been paid, you will become the subject of criminal prosecution without the right to pay the fine.
The Department for the Fight Against Cyberactivity will confiscate your computer and take You to Court.

Please, stay away from this scam because you will lose your money and won't have your computer unblocked! For that, you have to ignore a misleading alert that belongs to Homeland Security virus and remove this scam ASAP.

HOW TO REMOVE Homeland Security virus?

When infected with Ukash parasites, the main task you have to do is to unblock the system. For that, we recommend trying to set the PC's date to the previous one If this hasn't been helpful with you, use these steps:

Flash drive method:

1. Take another machine and use it to download Reimage, Malwarebytes or other reputable anti-malware program.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with Homeland Security virus once more and run a full system scan.

* Users infected with these ransomware threats are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html. After doing that, run a full system scan with anti-malware program.

* Manual Homeland Security virus removal (special skills needed!):

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable thisI virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated Reimage to remove remaining files. We also recommend Malwarebytes and Plumbytes Anti-MalwareNorton Internet Security.

Besides, you can also follow this removal video, which explains how to remove Ukash viruses:

Offer
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

If you decided to select another anti-spyware, uninstall Reimage from your computer.
Press mentions on Reimage
Alternate Software
Malwarebytes
Alternate Software
Malwarebytes
Homeland Security virus snapshot
Homeland Security virus snapshot

Homeland Security virus manual removal:

Kill processes:
ilqoxken.exe

[random characters].exe

Delete files:
[random].exe

About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions

Removal guides in other languages