YooCare.com > YooCare Blog > Remove Royal Canadian Mounted Police Virus (Ukash Scam)

Remove Royal Canadian Mounted Police Virus (Ukash Scam)

Yesterday I got RCMP Virus (Royal Canadian Mounted Police Ukash Scam) locked my computer and I have no idea how to get rid of it. When I was on Facebook, a window popped up on my screen saying YOUR COMPUTER HAS BEEN LOCKED telling me that all activities of this computer have been recorded, all my files have been encrypted. It’s telling me that i’ve violated at least one of the following and then it lists three different laws. It tells me that to unlock my computer and avoid other legal consequences, i’m obligated to pay a release fee of $100 CAD. It tells me to buy a Ukash card from a convenience store and that I only have 48 hours to pay it. The warning looks very official and it says that its from the RCMP. Could it be real? If not, how can I get a virus like that? I searched online and found that many people had the same issue. It said I have to restart to safe mode. But once I do that, computer restarts automatically. I’m not an expert on computers. How to unlock computer from Royal Canadian Mounted Police virus? Is there any RCMP Virus remover?

What Is Royal Canadian Mounted Police Virus (Ukash Scam) – How to Remove This Fake Warning From Your Computer?

Royal Canadian Mounted Police Virus, short for RCMP virus, is a scam that locks your computer system and will not let the users do anything until they pay a certain amount of dollars. As the symbol of the Government of Canada, Ukash RCMP virus computer blocked virus is required to pay money via Ukash. Similar to West Yorkshire virus or Canadian Security Intelligence Service Virus (CSIS Ukash Virus), Royal Canadian Mounted Police scam is distributed along with Trojans virus via visiting infected webpages, downloading unknown software and reading junk e-mails. They target one special country of each and in this case, Canada is under targeting. And this kind of spywares always has the ability to avoid the detection of antivirus software. As long as your computer system has been infected with this virus, fake registry entries and files would be added so that it can take an overall control of the system for the convenience of its further intentions. The next thing you are going to see is a lot of popping up fake security notices, saying that you are viewing illegal websites mostly about pornography which you are not, and for that reason the fake Royal Canadian Mounted Police virus will lock your computer to prevent you from continuously visiting the illegal pages. As a punishment, you will have to spend $250 via Ukash on the unlock code. But don’t trust any of that! Its detestable intention is to steal your money without fixing your problems.

Royal Canadian Mounted Police (RCMP) Ukash Virus ScreenShot On Windows OS

New Version Of Royal Canadian Mounted Police Scam

Urausy-Royal Canadian Mounted Police Virus

From the above images, we can see the Royal Canadian Mounted Police virus ransomware attacks Windows computer by blocking their access from the desktop. Cyber criminals try their best in attempt to disguise themselves as the real RCMP to invade target PCs by giving a fake warning to lock down their computers. Then they request a fine from $100 CAD  or $250 CAD through Ukash to release the PC. You should never believe in fake RCMP message.

Your Browser Has Been Locked By Royal Canadian Mounted Police Scam Targeting On Mac OS X:

RCMP-,MAC-A

Fake RCMP Mac OS  X Virus Takes Over Your Browser Like This Page:

RCMP-MAC-B

The same virus makers by Royal Canadian Mounted Police virus are so greedy. Now they turn their eye on the increasing Apple markets and create a new version RCMP Mac OS X virus, mainly to attack computer users who use an Apple machine like Macbook Pro or Macbook Air etc and want to get money from them. They put the virus all over the Internet and if a user mistakenly clicks on a spam link from malicious website, their Mac machine can easily be infected by RCMP browser locked virus. Once infected, users are no longer able to use their browser to surf Internet. All it shows on the browser is the RCMP scam page telling that all activities of this computer have been recorded or all your files are encrypted. Then it demands $250 fine through Ukash to unlock the browser. Unlike the traditional Ransomware, this virus won’t take over all your screen but just blocks your browser because it always utilizes java script to hijack internet browsers such as Safari and Chrome on Mac OS X. From that time, you cannot exit out or minimize the browser. When you attempt to do that, RCMP browser virus may give you another pop-up screen filled up with advertisement and stop you from closing it. Please bear in mind this fake RCMP alert is fake. You won’t get any trouble from the real police, thus paying the fine using Ukash vouchers is not the solution to unlock your computer. Users should get rid of RCMP browser locked scam manually.

What are the dangerous symptoms of Royal Canadian Mounted Police malware?

a. It will change automatically the registry settings and other important files. Any delay in removal may even lead to system crash;

b. The icons in START menu are going to be disappeared and right click of the mouse would not work anymore;

c. It will also slow down the speed, change the home pages and redirect the searching results;

d. Since Trojans come along with it, private information like credit card numbers and passwords could be stolen;

e. It is hidden deep in the system files and can make other useless files of its own;

f. Other viruses and malicious malware could be installed in the computer without permission.

How to get rid of the nasty RCMP virus manually and effectively?

Royal Canadian Mounted Police ransomware has blocked the legitimate antivirus programs from detecting viruses, so it is impossible to let antivirus programs do the entire removal job. And since a small mistake could lead to unexpected damages to your computer system, you may want to backup the system before taking any actions. Following are several guiding tips for you to remove it manually by yourself:

1. Restart the computer and constantly press F8. When a screen looking similar like the one below appears, use the arrow keys to select “Safe Mode with Networking” and press E/ENTER;

2. Press and hold the WINDOWS icon on the keyboard and then press the R letter, the Run Box will appear;

3. Enter all the data and files mentioned below in the Run Box and then delete them all:

%system%\[random characters].dll
%Documents and Settings%\[user name]\desktop\[ Royal Canadian Mounted Police Virus (RCMP)].exe
C:\users\stuart\appData\Local\Temp\[random names].exe

HKEY_CLASSES_ROOT\CLSID\[random numbers]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell”=”[SET OF RANDOM CHARACTERS].exe”
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MsConfig\startupfolder\[random names]
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MsCongif\startupreg\[random names]

Similar Video guide on how to kill processes and modify registry entry

Do not trust what the Royal Canadian Mounted Police Virus page tells you, it is totally a scam. The virus page shows up the whole screen, and will not allow you to do anything to close this window, even in safe mode. Some victims will follow the page to pay, and the blocked page is gone, but it is temporary, the computer will be blocked in some days and ask for more money. It will be a hard time if computer get locked by the RCMP virus. Also cyber criminals now keep an eye on the growing Apple market and they design another RCMP virus scam used to attack Apple / Mac OS X users all around the world. When this Ransomware is on the Apple computer, it won’t act like the one on Windows computer by locking the whole computer, it just blocks your online usage by hijacking your browser. However, it is enough to scare people to death and cause many inconvenience. It can completely block your browser and prevent you from getting online. As soon as you open Google Chrome, Firefox or Safari, a page comes up automatically saying that “All activities of this computer have been recorded. All your files are encrypted. Your browser has been blocked due to at least one of the reasons specified below. ” Then it provides a solution to unlock your browser which is to pay $150 CAD or $250 fine via Ukash. People who suffer from this scam will find it hard to exit this locked page because force quit doesn’t nothing help. Although everything seems to be authentic, you should not pay anything for this scam.As mentioned above, people should realize that RCMP Virus is nothing but a computer virus that can either lock your computer or the web browsers. Even though you don’t want to get the computer ruined or lose your precious data, paying the fine as it requests is not an option to solve your problem. To completely get rid of Royal Canadian Mounted Police Virus (Ukash Scam), manual removal is needed because all the virus files and registry entries have to be deleted permanently which can make sure this virus won’t come back again.

Note: If you are not computer geek and failed to remove the virus, to avoid messing up your computer, please contact YooCare professionals to remove the virus safely and completely.

Apr28

Published by Andrew Gonzalez, last updated on March 10, 2014 3:13 am | Fake Antivirus Removal Tips

16 Responses to “Remove Royal Canadian Mounted Police Virus (Ukash Scam)”

  1. [...] a very slow system performance and poor Internet connection. Moreover, potential threats such as RCMP malware and ice cyber crimes center virus are brought by the Trojan infection to your computer such as [...]

  2. [...] is categorized as a malicious browser hijacker redirect which always comes with lots of bundled malware, malicious spyware (FBI Online Agent virus), adware parasites to seriously harm a PC system [...]

  3. [...] is safe. But I hope you can pay attention to this virus from this moment because this virus is spreading in an amazing speed. Since this virus first appear, many computer experts have started to observe [...]

  4. [...] computer together with many potential computer threats such as FBI cybercrime division virus or RCMP virus. In order to invade the affected computer deeply, the Trojan disables executable programs to [...]

  5. [...] program that tricks your into purchasing its products. The interface of the fake program is just similar to legitimate anti-virus software, and it pretends to scan your computer thoroughly. After the [...]

  6. [...] the web, a popup will suddenly appear on your browser which is called Text-Enhance and underlines various words on a given web page. By showing various ads, this malware aims to lure users into clicking [...]

  7. [...] website or download something from Internet, because this virus can start to download virus such as RCMP malware,  FBI Online Agent virus etc. and other Trojans from the infected website, and then you will find [...]

  8. [...] It can compromise your system and may introduce additional infections like RCMP malware or Interpol [...]

  9. [...] that the hackers can earn money from the pay-per-click technique. Some of those weird websites may contain dangerous Trojans and spyware. The virus is able to attack all kinds of browsers including Firefox, [...]

  10. [...] These changes will block your antivirus program, preventing users from deleting itself. It will also display various security notifications on your system when you try to run any programs. It list many bogus [...]

  11. [...] sites. At first sight, it may seem to be a legitimate security program, but, in reality, it’s a fraudulent and useless security tool with the aim of stealing your money. When it is running, it will offer [...]

  12. [...] for a fine to unlock PC. It is believed to be a newly released virus which is quite similar to the Royal Canadian Mounted Police virus and Canadian Police Cybercrime Investigation Department virus. Even though it’s just [...]

  13. [...] will pop up making you impossible to ignore them and keep annoyed by them. Through this forcible showing up of fake warnings, this scam program is trying to deceive you so that it can achieve its evil [...]

  14. [...] by cyber criminals to trick you into purchasing its full version. Initially, the fake program displays fake security warnings on your screen claiming that your computer carries lots of dangerous items, [...]

  15. [...] New Version of Police Cybercrime Investigation Department Virus Pay 100 CAD Fine [...]

  16. [...] of illegal advertisements, even Trojan, rootkit or other malware virus including the well-known RCMP malware. Sometimes the antivirus software cannot identify the computer threat accurately and timely or [...]

Leave a Reply


1 × = five

Problems with your computer?