If your PC has been infected with ransomware virus…
The abyss of the Internet is full of the viruses of different kinds and natures: rogues, Trojans, spyware, ransomware etc. The very entry is devoted to ransomware computer infections. They are wide-spread phenomenon in the modern web life. They can mow down anybody. Nobody is 100% safe. So this post is for all PC owners. Here you will find the detailed algorithm of your actions if your workstation has been invaded by the parasite of such kind.
- reg delete hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f
- reg delete hklm\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f
- remove the parameter NoDesktop from HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
- remove the parameter DisableTaskMgr from HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
- Set the parameter 0 for HideIcons in HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
- Set explorer.exe for Shell in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- remove the parameter Shell from HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- find the parameter with the random name in HKCU\Software\Microsoft\Windows\CurrentVersion\Run and copy its name to the clipboard – and search in HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
- If the parameter is found remove the full entry
- remove the file, indicated in the parameter with the random name. To do this, enter the following combination del /f /q “parameter value” in the command line.
- remove the parameter with the random name in the registry entries
If all above-stipulated steps are done the ransomware should be neutralized. Now it is a high time to check your PC for other malicious objects presence, because they can be hidden deeply in the system. Install GridinSoft Trojan Killer and run full scan with it. Make sure to update the program before you run it. Then, when the scan has been completed, remove all infections it finds and reboot your system. If you have difficulties deleting the viruses please contact us via support channels available at this site.
Ransomware automatic remover:
GridinSoft Anti-Ransomware beta
We are glad to annonce that our anti-ransomware product is now ready for a beta release! GridinSoft Anti-Ransomware was developed to protect your computer from cyptoviruses. Try this program, it may save your computer from possible future infication. Help us make GridinSoft Anti-Ransomware better by leaving your feedback! To install this program follow next steps:
- Download GridinSoft Anti-Ransomware.
- Follow the installation instruction.
- Open the program and enable the protection.