Professional Documents
Culture Documents
RCMP virus
What Is Ukash?
Ukash is an e-commerce form of currency that allows Internet users to exchange money for Ukash code that can be used to make purchase online. It has developed to a secure payment method that delivers voucher with unique 19-digit code, value, currency and expiry date.
Thus has gained good reputation and become popular, it is even available from ATMS. However, it has been utilized for fraudulent activities. Being a prepaid payment method where vouchers are guaranteed and payment assured, theres no charge-backs or repudiation, which results in the tragedy that victims cannot retrieve the money back in the case of a fraudulent purchase, though Ukash claims to be regulated by the Financial Contact Authority and subject to ongoing and highly strict fraud monitoring.
chances to spread their crafts by exploiting vulnerability on server, web sites, installed programs, etc. with the help of Trojan which hammers at hiding viral items from being detected. Thanks to the Rootkit technique from Trojan, Ukash virus is capable of putting its source files into an encrypted folder before its eradication of the source ones and fabricating false ones in a bid to direct installed security utilities in a wrong way to escape easy deletion. Ukash virus then affects database to acquire information so as to form the counterfeit but vivid security warning sealed-screen message accordingly. Apparently that Ukash virus is able to impose modifications randomly, leading to dysfunctions like: Disabled Safe Mode, it can be Safe Mode with Networking, Safe Mode with Command Prompt. Useless System Restore and System Repair. White screen or blue screen happens. F8 key will not direct victims into Advanced Windows Options. Beep happens when constantly tapping on F8 key when trying to troubleshoot the problem with Advanced Windows Options. Whats worse, backdoor can come into shape because of the Trojan. Arbitrary modifications made deep in a target system can aggravate the risk of being attacked by other virus, resulting in residual damages to the computer: Computer takes longer to response to tasks. New tab will open up automatically during browsing session and direct to some vicious sites, including commercial ones. CPU is usually consumed highly when few programs are running in the background. It takes longer to load a page. Search results unrelated to queries are often obtained. Crashes and freezes could happen with additional unknown icons on desktop. If your anti-virus programs expire, you are not able to run rescue disk because of Ukash virus blocking screen or security utilities help only to remove innocuous infections, you are highly suggested to employ manual method to remove Ukash virus before it alleviates additional installations of other virus and further affect
Instruction applicable to the case where Safe Mode with Networking is accessible.
Boot into Safe Mode with Networking by restarting the computer or by cold restart. Windows 8 users to follow up
Stay at the counterfeit warning message. Press Alt,Ctrl and delete key together..
Keep holding shift key when clicking on power button together. Select Restart. Select Troubleshoot with arrow keys. Select Advanced options. Hit Restart button at the right bottom of the screen. Please hit F5 to get into safe mode with networking.
Keep tapping on F8 key continuously as the computer is booting but before Windows launches.
Windows Advanced Options Menu prompts up. Highlight Safe Mode with Networking option with arrow keys. Press Enter key to enter into Safe Mode with Networking. Disable startup items associated with Ukash virus. Windows 8 users to follow up Type Task on Start Screen. Hit Enter key. Find and tick items related toUkash virus. Press Disable option to remove Ukash virus.
Launch Search/ Run box. Type msconfig followed by Enter key. Find and tick items related to Ukash virus. Press Disable All option to remove Ukash virus. Re-manage Database (registry editor). Windows 8 users to follow up Move your mouse over lower right of the screen. Type regedit on Search charm. Hit Enter key. Press and hold Ctrl+F to search for Winlogon.
Locate the key labeled Shell in the right pane. Right click on it and replace it with explorer.exe to help remove Ukash virus. Windows 7/XP/Vista users to follow up
Put regedit in Run box. Press Enter. Press and hold Ctrl+F to search for Winlogon. Locate key labeled Shell in the right pane. Right click on it and replace it with explorer.exe to help remove Ukash virus.
Stay at the Ukash virus screen. Open Windows Explorer by clicking on Windows Explorer from Start Screen.
Select View tab on Windows Explorer window, you will get numbers of options. Tick File name extensions and Hidden items options. Go to Roaming folder and Temp folder respectively in C Disk to remove files with abnormal name, such as serial numbers with random letters. Windows 7/XP/Vista users to follow up Open Control Panel from Start menu and search for Folder Options.
Tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended) under View tab to click OK. Browse to Roaming folder and Temp folder respectively in C Disk to remove files with abnormal name, such as serial numbers with random letters. Save changes, reboot to normal mode to see if Ukash virus is gone.
Instruction applicable to the case where Safe Mode with Command Prompt is accessible while Safe Mode with Networking is disabled.
Enter into Safe Mode with Command Prompt. Windows 8 users to follow up
Press Alt,Ctrl and delete key together, locate the power icon at the right bottom. Hold shift key and click on power button at the same time. Select Troubleshoot option with arrow keys.
Select Advanced options. Hit Restart button at the right bottom of the screen. Hit F6 to get into safe mode with command prompt. Windows 7/XP/Vista users to follow up Keep tapping F8 key continuously as the computer is booting but before Windows launches.
Windows Advanced Options Menu appears to highlight Safe Mode with Command Prompt option. Press Enter key.
Create a new user account with administrator from cmd. Type explore when you see a black window with flashing slash after System32. Hit Enter key to get desktop. Created a new user account with administrator right. create a new user account on Windows 7 1. 2. 3. 4. 5. 6. 7. 8. Click the Start button. Select Control Panel. Click User Accounts and Family Safety. Select User Accounts. Choose Manage another account. Select Create a new account. Type the name you want to name the user account. Tick Administrator before clicking Create Account to finish creating a new administrative user account. create a new user account on Windows XP
1. Click Start button before clicking on Control Panel. 2. Double click on User Account. 3. Select Create a new account. 4. Type a name for the new user account before clicking on Next. 5. Tick Computer administrator before clicking Create Account. create a new user account on Windows Vista.
1. Hit Start menu to select Control Panel. 2. Select Add or Remove User Accounts. 3. Click Create a New Account. 4. Enter an account name, then select account type as administrator. 5. Click Create Account button to finish the process. create a new user account on Windows 8 1. Double click on Control Panel on the start screen. 2. Click on Add a user under Users which is on the left pane. > If Windows Live id is available, use it to create a new account > Otherwise, click on More about logon options to fill in the given form, then follow the on-screen hint to finish creating a user account.
Remove Ukash virus in the newly created user account. Restart the computer normally without tapping on any key. Enter into the newly created user account. Follow steps to .
Instruction applicable to the case where both Safe Mode with Command Prompt and Safe Mode with Networking are disabled.
Reboot your computer and access Repair Your PC. Windows XP users to follow up
Insert Windows XP CD into the drive (if Autoplay kicks in, exit out of it). Press Win key and r key together. Copy and paste sfc /scannow into the box. Windows File Protection Service will start to scan all protected files and verifie integrity, replacing any files with which it finds problems. Be patient and allow the process to proceed automatically and completely. Restart your computer once this process is completed. Windows 7 users to follow up Put Windows 7 CD in your optical drive. Restart to boot from the DVD. On the Install Windows screen, make the appropriate selections for language, time, and keyboard, and then click Next. On the next screen, click Repair Your Computer. In System Recovery Options, select which operating system you want to restore if any are listed, and click Next. The System Recovery Options screen shows up and select Startup Repair.
Insert Windows Vista DVD and restart the computer with the DVD in. Press any key to boot from CD or DVD is displayed in black background. Press any key to start the booting process. A new screen will appear saying Windows is loading files. Another small progress bar appears after several minutes. Select your language and keyboard language and click Next button when you are given options. Click on the Repair Your Computer option at the bottom left of install screen. Once the Vista installation is located, highlight it and then click the Next button. You will see the picture below:
Click on Startup Repair and let the wizard finish. It is perfectly normal that the computer restarts after it finishes the process. Windows 8 users to follow up Start Screen. Type Advanced. Click Settings category. Select Advanced startup options. General PC Settings screen appears. Scroll down to the bottom to select Advanced startup. Press on Restart now. Select Troubleshoot. Select Advanced options. Click on Automatic Repair. Log in the User Account you wish to repair. Automatic repair will now start. After a while, your computer will automatically restart; please leave it to complete all the process.
Conclusion: Ukash virus should be removed from the infected PC as soon as possible once you have found it. For the virus can not only lock down your PC to damage the system but also steal personal /confidential data like online account, password, and some privacies of Credit Card, if any. Should you believe Ukash virus over online professionals to submit the stipulated amount of money, you are not merely suffering from economic losses, you also make the cyber cribbers taste the sweetness of illegal activities. To crown it all, dont be reluctant to remove Ukash virus when some forms of Safe Mode or another user accounts are functioning well since the Trojan will help Ukash virus to spread its infectious code to those places. In a word, you should remove Ukash virus at first time. And
it is worth the reiteration that the truth is there isnt such thing as computer being locked by police for watching child porn and similar stuff. This behavior is totally conducted by cyber criminals. One wont need to worry about any criminal cases initiated against self. All we need to do is to remove Ukash virus in a bid to regain a functional machine.