Strathclyde Police Ukash Virus

Strathclyde Police Ukash Virus Description

ScreenshotThe Strathclyde Police Ukash Virus is a typical form of the ransomware malware scam. These kinds of scams are designed to lock your Windows operating system, preventing your access to your own desktop. Then they will only return control once you pay a certain amount. The Strathclyde Police Ukash Virus is one of the many versions of the Metropolitan Police Alert, a kind of WinLocker that is designed to target computer users in the European Union and the United Kingdom.

Strathclyde Police Ukash virus shows the following message:

ATTENTION! ILLEGAL ACTIVITY WAS REVEALED!

Your operational system is locked as a result of Great Britain law violation!
The following violations were revealed: your IP address was detected on illegal pornographic sites including child pornography, zoophilia and violent scenes with children! Pornographic video with elements of violence and child pornography were revealed on your PC!
Illegal SPAM of terrorist orientation is also mailed from your PC. This lockout is intended to eliminate possible distribution of the above materials from your PC in the Internet.

If your computer system is displaying a malicious message from the Strathclyde Police that is not allowing you to use your computer normally, you have become infected with this malware threat. ESG security researchers strongly recommend that you ignore all claims in the Strathclyde Police Ukash Virus' message and that you instead start up your computer in Safe Mode to regain access to your desktop. Once you have done this, the Strathclyde Police Ukash Virus can be removed with a reliable anti-malware application that is fully up to date.

Understanding the Strathclyde Police Ukash Virus Scam

As was mentioned before, 2011 was a year in which multiple versions of the Strathclyde Police Ukash Virus were released. There are versions of the Strathclyde Police Ukash Virus in Italian, French, Spanish, Dutch and German, as well as other European languages. They are designed to target the population of specific countries in the European Union by claiming to come from that particular country's main police agency. According to ESG security researchers most iterations of the Strathclyde Police Ukash Virus have the following characteristics in common:

  1. All versions of the Strathclyde Police Ukash Virus will display the official logos of different police agencies in order to attempt to look authentic.
  2. All versions of the Strathclyde Police Ukash Virus will claim that your computer has been involved in illegal activities such as child pornography – never mind that it does not make sense that a one hundred Euro fine would be able to take care of charges as serious as these!
  3. All versions of the Strathclyde Police Ukash Virus demand that you pay a fine that is usually one hundred or fifty of the targeted country's currency. This payment must be done using the UKASH money transfer service.
  4. The code of the various versions of the Strathclyde Police Ukash Virus indicates that this malware infection is Ukrainian in origin, although law enforcement has not been able to apprehend the criminals behind this malware infection as of the writing of this article.

Do You Suspect Your PC May Be Infected with Strathclyde Police Ukash Virus & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Strathclyde Police Ukash Virus as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

File System Details

Strathclyde Police Ukash Virus creates the following file(s):
# File Name
1 %WINDOWS%\system32\[RANDOM CHARACTERS].exe

Registry Details

Strathclyde Police Ukash Virus creates the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
CurrentVersion\Winlogon\"Shell" =
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe "Debugger"
"[SET OF RANDOM CHARACTERS].exe"

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their PC with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

One Comment

  • cell:

    Hi, I just discovered your blog via yahoo. Your post is truly pertinent to my life right now, and I'm really delighted I found your website.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.