Webpage blocked by RCMP virus? Have you suffered from the Royal Canadian Mounted Police virus currently? This is a horrible virus that can not only attack Windows computer, but also can infect Mac OS X and hijack your browsers(IE, Firefox, Safari). Follow the manual guide to unlock computer from RCMP virus ukash scam screen now.
Royal Canadian Mounted Police Virus, short for RCMP virus, is a scam that locks your computer system and will not let the users do anything until they pay a certain amount of dollars. As the symbol of the Government of Canada, Ukash RCMP virus computer blocked virus is required to pay money via Ukash. Similar to West Yorkshire virus or Canadian Security Intelligence Service Virus (CSIS Ukash Virus), Royal Canadian Mounted Police scam is distributed along with Trojans virus via visiting infected webpages, downloading unknown software and reading junk e-mails. They target one special country of each and in this case, Canada is under targeting. And this kind of spywares always has the ability to avoid the detection of antivirus software. As long as your computer system has been infected with this virus, fake registry entries and files would be added so that it can take an overall control of the system for the convenience of its further intentions. The next thing you are going to see is a lot of popping up fake security notices, saying that you are viewing illegal websites mostly about pornography which you are not, and for that reason the fake Royal Canadian Mounted Police virus will lock your computer to prevent you from continuously visiting the illegal pages. As a punishment, you will have to spend $250 via Ukash on the unlock code. But don’t trust any of that! Its detestable intention is to steal your money without fixing your problems.
From the above images, we can see the Royal Canadian Mounted Police virus ransomware attacks Windows computer by blocking their access from the desktop. Cyber criminals try their best in attempt to disguise themselves as the real RCMP to invade target PCs by giving a fake warning to lock down their computer. Then they requests a fine from $100 CAD or $250 CAD through Ukash to release the PC. You should never believe in fake RCMP message.
The same virus makers by Royal Canadian Mounted Police virus are so greedy. Now they turn their eye on the increasing Apple markets and create a new version RCMP Mac OS X virus, mainly to attack computer users who use an Apple machine like Macbook Pro or Macbook Air etc and want to get money from them. They put the virus all over the Internet and if a user mistakenly clicks on a spam link from malicious website, their Mac machine can easily be infected by RCMP browser locked virus. Once infected, users are no longer able to use their browser to surf Internet. All it shows on the browser is the RCMP scam page telling that all activities of this computer have been recorded or all your files are encrypted. Then it demands $250 fine through Ukash to unlock the browser. Unlike the traditional Ransomware, this virus won’t take over all your screen but just blocks your browser because it always utilizes java script to hijack internet browsers such as Safari and Chrome on Mac OS X. From that time, you cannot exit out or minimize the browser. When you attempt to do that, RCMP browser virus may give you another pop-up screen filled up with advertisement and stop you from closing it. Please bear in mind this fake RCMP alert is fake. You won’t get any trouble from the real police, thus paying the fine using Ukash vouchers is not the solution to unlock your computer. Users should get rid of RCMP browser locked scam manually.
a. It will change automatically the registry settings and other important files. Any delay in removal may even lead to system crash;
b. The icons in START menu are going to be disappeared and right click of the mouse would not work anymore;
c. It will also slow down the speed, change the home pages and redirect the searching results;
d. Since Trojans come along with it, private information like credit card numbers and passwords could be stolen;
e. It is hidden deep in the system files and can make other useless files of its own;
f. Other viruses and malicious malware could be installed in the computer without permission.
Royal Canadian Mounted Police ransomware has blocked the legitimate antivirus programs from detecting viruses, so it is impossible to let antivirus programs do the entire removal job. And since a small mistake could lead to unexpected damages to your computer system, you may want to backup the system before taking any actions. Following are several guiding tips for you to remove it manually by yourself:
1. Restart the computer and constantly press F8. When a screen looking similar like the one below appears, use the arrow keys to select “Safe Mode with Networking” and press E/ENTER;
2. Press and hold the WINDOWS icon on the keyboard and then press the R letter, the Run Box will appear;
3. Enter all the data and files mentioned below in the Run Box and then delete them all:
%Documents and Settings%\[user name]\desktop\[ Royal Canadian Mounted Police Virus (RCMP)].exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell”=”[SET OF RANDOM CHARACTERS].exe”
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MsConfig\startupfolder\[random names]
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MsCongif\startupreg\[random names]
Do not trust what the Royal Canadian Mounted Police Virus page tells you, it is totally a scam. The virus page shows up the whole screen, and will not allow you to do anything to close this window, even in safe mode. Some victims will follow the page to pay, and the blocked page is gone, but it is temporary, the computer will be blocked in some days and ask for more money. To avoid being infected by this scam, the best way is to be cautious about unknown links on the Internet; virus can automatically intrude into your computer after visiting some malicious website. Also, taking an eye on the ‘free’ software is necessary, because virus can hide itself in some free programs.
Published by Andrew Gonzalez, last updated on December 5, 2013 4:06 am | Fake Antivirus Removal Tips