How to Remove Annabelle Ransomware from Your Computer
Annabelle, a very dangerous ransomware with data locking features that cyber criminals use to hijack your files and demand ransom to decrypt and give them back to you. A potential threat to any Windows system, Annabelle would very easily scan your entire hard drive and find files, collect all sensitive, personal data and encrypts files using its powerful encryption algorithm. Annabelle then adds its own malicious extensions at the end of the filenames, thus making them inaccessible. It also changes the desktop algorithm, leaving a ransom note on the system. Thus when an attempt is made to open files, error messages come up. Ransom amount needs to be paid to decrypt all files, which would be deleted in case the ransom is not paid.
How the infection happens…
Annabelle comes in through free third-party programs, from suspicious websites, through phishing emails, shareware etc and once it gets installed, it would block your basic security software- the antivirus and the firewall programs. Experts point out that Annabelle ransomware could also come in via contaminated USB devices and fake download updates or from porn websites. It could also sneak in during sharing of files on an unsafe network.
How to remove Annabelle ransomware
Since Annabelle, or for that matter any ransomware, causes your data to be encrypted and blocked, it becomes very important that you remove the infection as soon as you detect it. You can do it either manually or automatically, but special care has to be taken to ensure that the malware doesn’t return after removal. Here’s a look at how Annabelle ransomware can be removed:
Start system in Safe Mode with Networking
- Click Restart button on Start menu.
- Choose Safe Mode with Networking option on the advance boot menu and hit Enter.
Kill the Malicious Process from the Task Manager
- Press ALT+ Ctrl+ Delete to open Task Manager.
- Select the malicious process in the process tab of the Task Manager.
- Right Click on the malicious process, hit End Task.
Remove Annabelle from the Control Panel
- Select Control Panel from the Start menu.
- Under Programs category select ‘Uninstall a Program’
- Select Annabelle ransomware
- Click on Uninstall.
Reset system to Factory Settings
- Go to Start, Select Programs and then Accessories
- Click on System Tools options.
- Choose System Restore.
- Select Restore my computer to an earlier time
- Click on Next
- Choose restore point on Calendar, click Next.
- When Windows asks for confirmation to reset, accept it.
- Wait for your system to restore completely.
Remove Annabelle-related files from Registry Editor
- On your keyboard, click Windows and R together.
- Type “regedit” on the run box and click OK
- Find all Annabelle related registry entries and remove them
Now you can recover your data, then install all the programs and do a full scan.
Automatic removal of Annabelle ransomware is possible by using a good anti-malware software. Using the anti-malware program, scan your system to detect all harmful threats and viruses. Use the program to remove Annabelle and any other malware present on your system by clicking on Fix Threats. You could then restore your data and scan to ensure that the infection has gone.
Kevin Jones911 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.