How to Remove Annabelle Ransomware from Your Computer

in security •  7 years ago 

Annabelle, a very dangerous ransomware with data locking features that cyber criminals use to hijack your files and demand ransom to decrypt and give them back to you. A potential threat to any Windows system, Annabelle would very easily scan your entire hard drive and find files, collect all sensitive, personal data and encrypts files using its powerful encryption algorithm. Annabelle then adds its own malicious extensions at the end of the filenames, thus making them inaccessible. It also changes the desktop algorithm, leaving a ransom note on the system. Thus when an attempt is made to open files, error messages come up. Ransom amount needs to be paid to decrypt all files, which would be deleted in case the ransom is not paid.

How the infection happens…
Annabelle comes in through free third-party programs, from suspicious websites, through phishing emails, shareware etc and once it gets installed, it would block your basic security software- the antivirus and the firewall programs. Experts point out that Annabelle ransomware could also come in via contaminated USB devices and fake download updates or from porn websites. It could also sneak in during sharing of files on an unsafe network.

How to remove Annabelle ransomware

Since Annabelle, or for that matter any ransomware, causes your data to be encrypted and blocked, it becomes very important that you remove the infection as soon as you detect it. You can do it either manually or automatically, but special care has to be taken to ensure that the malware doesn’t return after removal. Here’s a look at how Annabelle ransomware can be removed:

Manual removal

Start system in Safe Mode with Networking

Click Restart button on Start menu.
Choose Safe Mode with Networking option on the advance boot menu and hit Enter.
Kill the Malicious Process from the Task Manager

Press ALT+ Ctrl+ Delete to open Task Manager.
Select the malicious process in the process tab of the Task Manager.
Right Click on the malicious process, hit End Task.

Remove Annabelle from the Control Panel

Select Control Panel from the Start menu.
Under Programs category select ‘Uninstall a Program’
Select Annabelle ransomware
Click on Uninstall.
Reset system to Factory Settings

Go to Start, Select Programs and then Accessories
Click on System Tools options.
Choose System Restore.
Select Restore my computer to an earlier time
Click on Next
Choose restore point on Calendar, click Next.
When Windows asks for confirmation to reset, accept it.
Wait for your system to restore completely.

Remove Annabelle-related files from Registry Editor

On your keyboard, click Windows and R together.
Type “regedit” on the run box and click OK
Find all Annabelle related registry entries and remove them
Now you can recover your data, then install all the programs and do a full scan.

Source : https://hackercombat.com/remove-annabelle-ransomware-computer/
Remove-Annabelle-Ransomware.jpg

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://www.blogarama.com/technology-blogs/1290971-hacker-combat-news-community-blog/24164514-remove-annabelle-ransomware-from-computer

You got a 1.88% upvote from @minnowvotes courtesy of @general1!

Congratulations! This post has been upvoted from the communal account, @minnowsupport, by General from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.

If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.

You got a 4.94% upvote from @nado.bot courtesy of @general1!

Send at least 0.1 SBD to participate in bid and get upvote of 0%-100% with full voting power.

You got a 0.74% upvote from @mercurybot courtesy of @general1!