VilmaTech.com > VilmaTech Blog > How to Remove Booyah Ransomware, Booyah.exe Ransomware, CRIPTOSO.KEY Removal

How to Remove Booyah Ransomware, Booyah.exe Ransomware, CRIPTOSO.KEY Removal

Published on April 26, 2016

What Is Booyah Ransomware

Booyah Ransomware is a new ransomware focused on blocking users’ computers and encrypting all files on the infectious machine to blackmail money from unsuspecting victims. Booyah Ransomware spreads to a target machine like a program installation, it uses Booyah.exe executable file to start blocking and encrypting process. As researches by IT experts, the Booyah Ransomware can take advantage of the well-known Nullsoft Scriptable Install System installer to help itself complete a virus distribution. Just when users click to install Booyah.exe containing DLL file, the Booyah Ransomware will self install on user’s machine without any consent. For this Booyah Ransomware, there is another name called booyah.exe Ransomware according to the virus executable file. Once users become attacked, the Booyah Ransomware would block out the infectious computers and then pop-up a warning page named “WHATHAPPENDTOYOURFILES.TXT” to prompt victims what happened. The pop-up message may inform victims their files are now encrypted and they have to purchase the key to decrypt these files back.

Besides that, the payment is different due to the pay day. Complete the payment today, the price is only 1 bitcoin. If complete the payment on the second day, you have to pay 2 bitcoins. And if pay after one week, the payment have to be increased to be 7 bitcoins. By such scaring warnings, the Booyah Ransomware attempts to fool infectious users and trick money from them. If you are seeing such pop-up message on your computers, you then become attacked. And you must have some doubts that if the payment should be completed in time. The answer is no because of the authors of Booyah Ransomware never have conscience. Your computer and all your files won’t work as usual though you have finished a payment as required. What you have to do is to figure out the Booyah Ransomware and fix it completely. To fix the Booyah Ransomware and recover all your files require a certain level of computer skills. Any mistaken deletion my lead to a fatal error. Refer to Android Ransomware removal guide here.

If you need professional help to fix the Booyah Ransomware from your compute completely, you can consult more help with VilmaTech 24/7 online service now.

live chat

How to Remove Booyah Ransomware from Infectious PC and Recover Files

Step 1: Safe Mode

If the Booyah Ransomware makes the victimized machine abnormally worked and you can’t enable programs there, you can reboot the victimized machine with safe mode with networking.

For Windows 7, Windows XP, Windows Vista

1. Totally shut down the infected computer.
2. Press Power button to boot up the infected computer, but before Windows launches (after skipping the first interface), you have to hit F8 key to reveal out Windows Advanced Options.
3. Next Window says safe mode, safe mode with networking, safe mode with command prompt, etc. Highlight safe mode with networking by pressing Up-Down keys and hit Enter key. Wait for a moment, Windows is loading files to the desktop.

For Window 8 Users

1. Reach the desktop
2. Press the Ctrl+ Alt+ Del key, it will bring you to the Switch User interface.
3. Tap the “Shift” key on the keyboard by your left hand, click on “Shut down” button. Click on Restart option. In the ‘Choose an Option’ screen, you need select “Troubleshoot.”


4. Click on ‘Advanced Options’, and in the following window you need choose “Startup setting.”
5. Choose “restart.” Press F5/5 key to highlight Safe Mode with networking option, hit enter key.

Step 2: Windows Task Manager

End the Booyah Ransomware process. Press Ctrl+ Esc+ Shift or Ctrl+ Alt+ Del to open Windows Task Manager. Scroll down and locate at random Booyah Ransomware virus file and click on it. You last need click the End Process button.

Step 3: Show hidden virus files

Delete Booyah Ransomware files from Local disk.
1. Click on Start button. Click “Control Panel.” And click on Appearance and Personalization.


2. Double click on Files and Folder Option.


3. Select View tab. Check “Show hidden files, folders and drives.” Uncheck “Hide protected operating system files (Recommended). Then click ok to finish the changes.
4. Open Local disk, and remove Booyah Ransomware files.

    %Program Files%\ random
    %AppData%\Protector-[rnd].exe
    %AppData%\Inspector-[rnd].exe
    %AppData%\vsdsrv32.exe

Step 3: Delete virus registry entries

Delete the Booyah Ransomware registry entries.
1. Press Windows+ R key to reveal out Run box. Type regedit in Run window and click Ok.


2. In the Registry Editor window, you need navigate to the below path. You then need to find out “Shell” and right click on it. Click on Modify.
3. The default value data is Explorer.exe If you see something else written in this window, remove it and type in Explorer.exe.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
4. Now delete Booyah ransomware registry entries, you can refer to the below registry entries.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\[random].exe
HKEY_LOCAL_MACHINE\SOFTWARE\ Booyah Ransomware
HKEY_CURRENT_USER \Software\Microsoft\Windows\CurrentVersion\Policies\System ‘DisableRegistryTools’ = 0
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system ‘EnableLUA’ = 0
Check file like %APPDATA%\%ID%.
5.After that, you just need to reboot your PC to a regular mood to check if the Booyah Ransomware virus has been removed completely.

Conclusion

Booyah Ransomware is a new version of malicious ransomware used by attackers to trick money over the cyber world. It often blocks out computers and encrypts all essential files on the infectious machine. Booyah Ransomware is known to encrypt files and then offer a fake method to recover files to trick money. Once you’re one of these victims of the Booyah Ransomware, what you have to do is to fix the Booyah Ransomware first rather than try to pay for a non-existent decryption. If you are suffering from Booyah Ransomware damage and hardly remove it from the infectious computer and recover files, you can ask for a further help from VilmaTech online exerts. Till now, still need help to fix the Booyah Ransomware virus, you can live chat with VilmaTech 24/7 Online Experts.

live chat