Severity scale:  

Remove ICSPA virus

removal by Olivia Morelli - -   Also known as Ukash virus | Type: Ransomware

ICSPA virus (also known as International Cyber Security Protection Alliance virus) is a malicious infection that can easily get on your machine if it's poorly protected. When inside and active, this ransomware blocks the entire system down and then displays its fake alert that reports about various crimes and law violations. Please, don't fall for this scam because governmental organizations don't use such primitive methods when trying to make users pay the fines for them. It's clear that ICSPA virus is designed to steal the money from unaware PC users and it must be removed from the system without any delay. Of course, it won't be as easy as you may expect because this ransomware blocks legitimate applications, including anti-virus and anti-spyware programs. However, keep on reading and you'll see how you can overcome that.


ICSPA virus is distributed through the same methods as malware and spyware: it can be downloaded together with fake updates, media codecs, non-registered software, spam and through similar ways of distribution. Once it gets inside, this ransomware locks the desktop and disables computer's functions without any permission asked. Even more, it replaces PC's screen with an alert that pretends to be from International Cyber Security Protection Alliance and reports about various crimes, like the use of illegal software or distribution of malware. Please, keep in mind that all this activity is a huge scam that seeks to rip you off, and you should never pay a fine using Ukash or Paysafecard prepayment systems. Instead of that, you must remove ICSPA virus Trojan as soon as possible.


When trying to remove ICSPA virus, you may find that your are blocked. That's normal. In order to overcome this situation, your should use one of these methods:

Flash drive method:

1. Take another machine and use it to download Reimage Reimage Cleaner , SpyHunter 5Combo Cleaner or Malwarebytes.
2. Update the program and put into the USB drive or simple CD.
3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
4. Reboot computer infected with ICSPA virus once more and run a full system scan.

* Users infected with these ransomware threats are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

* Manual ICSPA virus removal (special skills needed!):

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable thisI virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated Reimage Reimage Cleaner to remove remaining files.
do it now!
Reimage Happiness
Reimage Cleaner Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Reimage Cleaner, submit a question to our support team and provide as much details as possible.
Reimage Reimage Cleaner has a free limited scanner. Reimage Reimage Cleaner offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage Cleaner, try running Combo Cleaner.
ICSPA virus snapshot
ICSPA virus snapshot

About the author

Olivia Morelli
Olivia Morelli - Ransomware analyst

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Olivia Morelli
About the company Esolutions

Removal guides in other languages

  1. david says:
    March 4th, 2013 at 7:07 pm

    These people actually have a (fake) website all about the ICSPA.Dont go here because McCaffee (our anti virus software l) dosent even know about heaven it… dont go there

  2. sam says:
    August 5th, 2015 at 9:13 am

    my HTC is locked up How can I fix it?

  3. david says:
    March 4th, 2013 at 7:08 pm

    ignore “heaven”

  4. jesse says:
    June 1st, 2014 at 4:35 pm

    How do you remove it on android?
    – email me soon please its locked down my tablet….

  5. j says:
    August 3rd, 2014 at 6:49 pm

    Did you get it removed?

  6. steve says:
    July 30th, 2014 at 2:40 am

    my android phone is locked from icspa virus please help asap

  7. j says:
    August 3rd, 2014 at 6:48 pm

    Did you get it removed?

  8. kyle says:
    August 13th, 2014 at 1:18 am

    my android phone is locked from this icspa virus can anyone tell me how to unlock it

  9. ivy says:
    August 22nd, 2014 at 12:28 pm

    It got my phone too. I need help

  10. ramesh kumar says:
    March 22nd, 2016 at 3:18 am

    my mobile is icspa lock pls help me

  11. andrew lilly says:
    June 29th, 2016 at 10:51 am

    my phone has the icspa virus got it in safe mode but comes with no location found so cant get into it properly. can you use your phone to make calls if it is in safe mode.

Your opinion regarding ICSPA virus