Remove Ransomware

Printer Friendly Version |

Like These Tips? Get Them Free In Your E-mail Everyday!

Currently 4.68/5
1
2
3
4
5

Rating: 4.7/5 (36 votes cast)

Recently, I wrote an article on how to recognize and avoid Rogue software.

What the article did not cover, however, is how to remove a program should you accidentally get infected. Because there is a new and particularly nasty program infecting computers out there, this article explains how to remove Malware in general, and specifically, how to remove “Total Security 2009”.

The latest version of “Total Security 2009” can be classified as “Ransomware”. Earlier versions just indicated that your computer was infected and you should purchase the program to eliminate infections that were not really present. If you are unlucky enough to run across the new version, it will disable your PC until you activate it by purchasing a serial number from them.

The only program that is left functioning is a Web browser so that you can send them payment.

Figure 1: Example of the opening screen of “Total Security 2009”

The program disables your computer by popping up fake warnings that claim any file the user opens is infected and the only screen displayed says you must send payment.

Figure 2: Example of an infected file warning.

Users who choose to pay the ransom (as I write this the cost is $79.95) receive a serial number that releases all files and executables. The computer will appear to function normally, however the fake software will remain on their systems.

There are several ways to remove this threat and other malware.

A: Restore your computer to a prior state using “System Restore”
Here is a link to a WorldStart article that has System restore instructions for Windows XP
http://www.worldstart.com/tips/tips.php/bsod-precautions

Please Note: Some malware erases restore points so this method may not be available.

B: Register the “Total Security 2009” software by submitting a serial number and then run an up to date anti-malware program to remove the Ransomware.
Fortunately, PandaLabs has a list of serial numbers on their Web Site that can be used to release your computer. The serial numbers and a video showing what happens on the screen of an infected computer are located here. The scammers frequently change how their programs work so the listed serial numbers may not work for long.

C: Start your computer in “Safe Mode” and then run an up to date anti-malware program.
To get to Safe mode, press the F8 key when Windows starts to boot. You have to do this Before you see the first "Windows" screen.

~Boyd Lutz

Want to comment on this tip? Click here! We'd love to hear from you!

Do you know something helpful to add to this tip? Click Here and let us know. We'll share it with the world!

Your name:
Email:	Your email address will not be published.
Subject:
Your suggestion:	Please Note - Use this form ONLY if you have additional information you think should be added to this tip (For example, you have a better / faster way of doing it, an additional warning, etc). All submissions are moderated by WorldStart personnel and subject to our approval and / or revisions. If approved, your information will be added below for anyone visiting this page to see. If you have a comment or question, please do not use this form! Instead, use the "Tip Feedback" link above.

Like these tips? Get them for FREE in your email!

Computer Tips with MS Office Tips Newsletter

Computer Tips Daily - Run your Windows PC like a pro! No matter what your skill level, beginner or advanced, you'll find tons of valuable tips, tricks, and ideas in every issue (plus great software deals). Become the computer guru you've always wanted to be! The tip you've just read was in this newsletter!
Computer Tips Weekly - If you don't want our Computer Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

Software Deals - Every week, we send out great deals in our Software Deals newsletter. Many of these deals are exclusively for our Software Deals newsletter subscribers and can't be found with our regular specials.
Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.

Enter Email Address:

Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Computer Tips with MS Office Tips Newsletter

See what others say!

New Ransomware on the Loose

Ransomware

Missing Change/Remove Buttons

Removing Google SearchWiki From IE

Restoring the Safely Remove Hardware Icon

TurboCAD 15 Deluxe 2D/3D - $12.97