Let's go this route...
to access your computer, scan it for malware, and remove this infection. The program targets this ransomware.
You may want to print these instructions, so they are available to follow. Also, you may want to read them to have an idea of what you need to do.
Now, load a USB flash drive with HitmanPro.Kickstart
Note: the contents of the USB flash drive are erased during this process.
Use a clean (non-infected) computer, and download HitmanPro
Under Download (on the right) select the program applicable to the system: 32-bit
opens, click the KickStart
icon at the bottom of the screen.
Plug in the USB flash drive.
When the USB flash drive is detected, a selection screen is presented.
Select the USB flash drive from the choices, and press: Install Kickstart
A warning that all contents of the selected flash drive will erase is presented.
As the HitmanPro.Kickstart
files are loaded, a progress indicator is shown on the screen.
Once the process is completed a screen is presented with the contents of HitmanPro.Kickstart
Remove the USB flash drive from the clean computer and press: Close
Now, with the ransomed computer shut down, plug the USB flash drive into a USB port, and turn on the power.
When the computer starts, press the key that brings up the Boot Menu
. (On some machines its F12, F10, or F2)
From there, select to boot from the USB drive
. (It may say 'Removable Drive' in the options.)
Once you select the USB flash drive to boot from, press: Enter
prompt with USB boot options appears.
- Bypass the Master Boot Record (Default)
The system continues to boot from the hard drive and starts Windows.
If you get a message stating that Windows failed to start, etc., just select: Start Windows Normally
When Windows boots you either get a logon screen, or the Desktop is started.
If you see a logon screen with your User name, logon with it.
In the next prompt that appears, to start the program without installing to the local hard disk, select the option to do a one-time scan
to check the computer.
To start scanning for malware press: Next
If malware is detected, the program shows what malware is present on the system using a red framed screen.
to quarantine the malware into a secure storage where it can no longer start.
At the next screen, activate the 30-day
After successful activation (30 days), press: Next
A screen indicating that the malware was successfully disabled or removed is presented.
To obtain a report of the scan results, press: Save log
Save the Notepad log to the Desktop
It has a name such as: HitmanPro_xxxxxxxx_xxxx
Remove the USB drive, and press: Reboot
If no malware is found, press: Close
is done, you should be back into normal Windows.>>
Please post the HitmanPro report
in your reply.
To remove any remnant malicious files of the ransomware...
Select the version that applies to your system: 32-bit
Click the button to download.
Save to the Desktop.
Close all windows and browsers.
Right-click and select: Run as Administrator
At the program console, wait for the prescan to finish. (Under Status, it says: Prescan finished.)
When done, a report opens on the Desktop: RKreport.txt >>
Please provide the RKreport.txt (Mode: Scan)
in your reply.