Decrypt Protect Ransomware on the Prowl, Warns EnigmaSoftware.com
EnigmaSoftware.com a security company has detected one fresh ransomware called Decrypt Protect Ransomware, which produces an arbitrary pop-up window containing a message that an area law enforcement official or police has apparently found illegitimate operations on the victim's PC. Further, it's claimed that these operations supposedly have been performing adverse tasks as the malware was proliferating.
Essentially, Decrypt Protect Ransomware does the work of file-encryption that's real or for the minimum asserted that it's doing so, following which it blocks access to a few specified parts of the victim's machine. Thereafter, the ransomware directs the user towards making a fine payment and in 48-hrs.
The Ransomware also presents one electronic payment mechanism via MoneyPak through which the fine can be submitted. However, this payment is really processed for getting dispatched straight to the computer invaders, also the perpetrators of the new ransomware scam. PC operators, if find the message of Decrypt Protect Ransomware should desist complying with its treacherous tactics. Rather they should do fast to eliminate the malware and revive their systems to their original state.
While the ransomware can be removed manually, the method can prove a bit inefficient and unreliable; still it's described as follows:
To begin, Windows should be started for grasping the keyboard's 'F8' key till the time Windows Advanced Option column becomes visible. After this, 'Safe Mode with Command Prompt' should be selected from the menu followed with pressing on 'Enter.'
When 'Command Prompt' is open the browser name should be typed in followed with pressing on 'Enter' to display Windows Explorer.
Next, within command prompt, 'registry editor' should be typed and 'Enter' clicked.
Further, within registry editor, HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon should be visited.
After this, 'Shell'' should be clicked from the Windows right-most region. Then 'Modify,' a default Explorer.exe estimate should be clicked. Anything else displayed must be deleted while Explorer.exe should be entered. Incase something different is written, that information should be used for locating the malevolent .exe only to erase it wholly.
Finally, every file listed must be downloaded followed with performing one entire analysis of the system for cleansing off the Decrypt Protect Ransomware.
» SPAMfighter News - 24-05-2013