Information about Ransom-FOO!htm
Ransom-FOO!htm is also a dangerous ransomware which is similar to CryptoWall 2.0. Once your computer is infected with this ransomware, it will change your computer setting including the registry entries, system files, start up items. Once the computer boots up, Ransom-FOO!htm will active automatically on the computer without the user's permission.
Ransom-FOO!htm is capable to encrypt files that are in those format: .odt, .ods, .odp, .odm, .odc, .odb, .doc, .docx, .docm, .wps, .xls, .xlsx, .xlsm, .xlsb, .xlk, .ppt, .pptx, .pptm, .mdb, .accdb, .pst, .dwg, .dxf, .dxg, .wpd, .rtf, .wb2, .mdf, .dbf, .psd, .pdd, .pdf, .eps, .ai, .indd, .cdr, .dng, .3fr, .arw, .srf, .sr2, .mp3, .bay, .crw, .cr2,.dcr, .kdc, .erf, .mef, .mrw, .nef, .nrw, .orf, .raf, .raw, .rwl, .rw2, .r3d, .ptx, .pef, .srw, .x3f, .lnk, .der, .cer, .crt, .pem, .pfx,.p12, .p7b, .p7c, .jpg, .png, .jfif, .jpeg, .gif, .bmp, .exif, .txt, .zip, .rar, .mp4, .iso.
To prevent the further damage brought from Ransom-FOO!htm virus, it is
recommended to remove Ransom-FOO!htm immediately from your computer. It is highly suggested to download and install a powerful and legitimate anti-spyware like Spyhunter to scan and protect your computer.
Usually, virus like Ransom-FOO!htm comes into your computer along with infected free software, files and drivers. You may also get infect by opening spam emails, sharing corrupt content, or clicking to suspicious web sites, sharing files over P2P network, using infected media or USB devices and so on.
1. Never click on a link or attachment in an email from a trusted source;
2. Be wary of files with a double extension such as .txt.vb or .jpg.exe.
3. Don’t get access to illegal online contents such as gambling or porn.
4. Don't download unknown "free" software and avoid opening unknown e-mail attachments
5. Install real-time anti-spyware protection and Keep anti-malware applications current.
Ransom-FOO!htm is capable to encrypt files that are in those format: .odt, .ods, .odp, .odm, .odc, .odb, .doc, .docx, .docm, .wps, .xls, .xlsx, .xlsm, .xlsb, .xlk, .ppt, .pptx, .pptm, .mdb, .accdb, .pst, .dwg, .dxf, .dxg, .wpd, .rtf, .wb2, .mdf, .dbf, .psd, .pdd, .pdf, .eps, .ai, .indd, .cdr, .dng, .3fr, .arw, .srf, .sr2, .mp3, .bay, .crw, .cr2,.dcr, .kdc, .erf, .mef, .mrw, .nef, .nrw, .orf, .raf, .raw, .rwl, .rw2, .r3d, .ptx, .pef, .srw, .x3f, .lnk, .der, .cer, .crt, .pem, .pfx,.p12, .p7b, .p7c, .jpg, .png, .jfif, .jpeg, .gif, .bmp, .exif, .txt, .zip, .rar, .mp4, .iso.
How can Ransom-FOO!htm get into your computer?
How to prevent from being infected by virus like Ransom-FOO!htm?
1. Never click on a link or attachment in an email from a trusted source;
2. Be wary of files with a double extension such as .txt.vb or .jpg.exe.
3. Don’t get access to illegal online contents such as gambling or porn.
4. Don't download unknown "free" software and avoid opening unknown e-mail attachments
5. Install real-time anti-spyware protection and Keep anti-malware applications current.
Instructions to Get Rid of Ransom-FOO!htm
Method 1: Ransom-FOO!htm Manual Deletion
Boot up the infected computer, press F8 at the very beginning, choose “Safe Mode with Networking” and press Enter to get in safe mode with networking.
Boot up the infected computer, press F8 at the very beginning, choose “Safe Mode with Networking” and press Enter to get in safe mode with networking.
Step 1: Open Windows Task Manager and close all running processes.
( Methods to open Task Manager: Press CTRL+ALT+DEL or CTRL+SHIFT+ESC or Press the Start button->click on the Run option->Type in taskmgr and press OK.)
( Methods to open Task Manager: Press CTRL+ALT+DEL or CTRL+SHIFT+ESC or Press the Start button->click on the Run option->Type in taskmgr and press OK.)
Step 2: Reset your browser setting
Firefox:
In the drop-down list of Firefox, go to Help and click on Troubleshooting Information.
Click on the Reset Firefox button to reset it.
Google Chrome:
Click on the Chrome menu on the right of toolbar and then select Settings.
Scroll down to the bottom to click Show advanced settings.
Go down to the bottom and click Reset browser settings to reset Google Chrome to its default setting.
IE:
Click Tools on the up right corner and select Internet Options.
Click on Advanced tab, press Reset button to reset IE to its default settings.
Step 3: Go to the Registry Editor and remove all the infection registry entries listed here:
(Steps: Hit Win+R keys and then type regedit in Run box to search)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main "Start Page" = "http://www.<random>.com/?type=hp&ts=<timestamp>&from=tugs&uid=<hard drive id>" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search "CustomizeSearch" = "http://www.<random>.com/web/?type=ds&ts=<timestamp>&from=tugs&uid=<hard drive id>&q={searchTerms}" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search "SearchAssistant" = "http://www.<random>.com/web/?type=ds&ts=<timestamp>&from=tugs&uid=<hard drive id>&q={searchTerms}"
Step 4: All the infection associated files listed below need to be removed:
%CommonAppData%\<random>.exe C:\Windows\Temp\<random>.exe %temp%\<random>.exe C:\Program Files\<random>
Method 2: Automatic Removal with SpyHunter
SpyHunter is a world-famous real-time malware protection and removal tool, which is designed to detect , remove and protect your PC from the latest malware attacks, such as Trojans, worms, rootkits, rogue viruses, browser hijacker, ransomware, adware, key-loggers, and so forth. To keep SpyHunter Anti-malware on your computer is an important way to protect your computer in a good condition. Please find the instruction as follow.
Boot up the infected computer, press F8 at the very beginning, choose “Safe Mode with Networking” and press Enter to get in safe mode with networking.
Boot up the infected computer, press F8 at the very beginning, choose “Safe Mode with Networking” and press Enter to get in safe mode with networking.
Step 1: Press the following button to download SpyHunter.
Step 2: Save it into your computer and click on the Run choice to install it step by step.
Step 3: Click Finish then you can use it to scan your computer to find out potential threats by pressing Scan computer now!
Step 4: Tick Select all and then Remove to delete all threats.
Guide to download RegCure Pro to optimize PC
If you are still worried about the left over of Ransom-FOO!htm and want to clean all the unwanted registry entries, it is recommended to use RegCure Pro.
A: At first, boot your computer into Safe Mode with Networking.
To perform this procedure, please restart your computer and keep pressing F8 key until Windows Advanced Options menu shows up, then using arrow key to select “Safe Mode with Networking” from the list and press ENTER to get into that mode.
B: Follow the below guide to continue.
Step 1. Install and launch RegCure Pro on your PC.
Step 2. Select "Yes" to download and install RegCure Pro.
Step 3. Click "Next" to continue.
Step 4. RegCure Pro will open automatically on your screen.
Step 5. RegCure Pro is scanning your PC for error.
Step 6. After scanning, choose the issues you want to fix.
Step 6. After scanning, choose the issues you want to fix.
Note: Manual removal Ransom-FOO!htm refers to key parts of computer system. Any error step may lead to system crash. If you don’t have sufficient expertise in dealing with the manual removal. Install Spyhunter can be your better choice, because it is capable of auto-detecting and removing viruses. You can also Download RegCure Pro to help you clean up unneeded registry files and optimize the computer.
No comments:
Post a Comment