12/05/2014

http:// paytordmbdekmizq.tanktor.com/1ptz0Qa Removal, How to Get Rid of http:// paytordmbdekmizq.tanktor.com/1ptz0Qa



This http:// paytordmbdekmizq.tanktor.com/1ptz0Qa sucker is nasty



http:// paytordmbdekmizq.tanktor.com/1ptz0Qa is an unsafe website that has connected with some infamous ransowmare virus which are created to lock down the target computers.


When your computer get infected with a ransomware virus like paytordmbdekmizq.torsona.com, paytordmbdekmizq.torsona.com/1iyv5jo, Cryptowall 2.0, you will get a lot of warning on computer screen said all files would be encrypted unless payment made. Unable to unlock warning on screen so forced computer shutdown. After restart the files were encrypted. And then you will be redirected to this site http:// paytordmbdekmizq.tanktor .com/1ptz0Qa.



As soon as your computer has been infected with http:// paytordmbdekmizq.tanktor .com/1ptz0Qa, you can see that all your files have been encrypted. The files included:

.odt, .ods, .odp, .odm, .odc, .odb, .doc, .docx, .docm, .wps, .xls, .xlsx, .xlsm, .xlsb, .xlk, .ppt, .pptx, .pptm, .mdb, .accdb, .pst, .dwg, .dxf, .dxg, .wpd, .rtf, .wb2, .mdf, .dbf, .psd, .pdd, .pdf, .eps, .ai, .indd, .cdr, .dng.

After the files have been encrypted, you are asked to pay certain fee to restore them. You can see a bitcoin payment address shown on the page. Please don’t pay the fee, and then try to remove paytordmbdekmizq.tanktor .com/1ptz0Qa from your computer as soon as possible you can.

Lesson to Get Rid of http:// paytordmbdekmizq.tanktor.com/1ptz0Qa from Windows XP/ Vista/7/8


Lesson 1: http:// paytordmbdekmizq.tanktor.com/1ptz0Qa Manual Removal
Lesson 2: http:// paytordmbdekmizq.tanktor.com/1ptz0Qa Automatic Removal

http://www.pcresolvers.com/spyhunter.php

Lesson 1: http:// paytordmbdekmizq.tanktor.com/1ptz0Qa Manual Removal


Before you performing manual steps, please back up all your Windows registry and important files. For any mistake may cause loss of precious data.

Step one: Reboot your computer into Safe Mode with Networking
Windows XP/ Vista/7:

Turn your computer off and then back on and immediately when you see anything on the screen, start tapping the F8 key on your keyboard.
Using the arrow keys on your keyboard, select Safe Mode with Networking and press Enter on your keyboard.



For win8:

Reboot your computer in safe mode with networking.
Press the Power button at the Windows login screen or in the Settings charm. Then, press and hold the ” Shift” key on your keyboard and click Restart.

Click on Troubleshoot and choose Advanced Options. Then click on Startup Settings and select Restart. Your PC will restart and display nine startup settings. Now you can select Enable Safe Mode with Networking.






Step two: Show hidden files

a) Open Control Panel from Start menu and search for Folder Options;
b) Under View tab to tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended) and then click OK;

c) Click on the “Start” menu and then click on the “Search programs and files” box, Search for and delete these files generated by Js:kak-A (trj):



%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
%AllUsersProfile%
%AllUsersProfile%\Programs\{random letters}\
%AllUsersProfile%\Application Data\~r
%AllUsersProfile%\Application Data\~dll

*For Windows 8 users

a. Open Windows Explorer from Start screen, navigate to View tab. At Show/Hide column, tick both file name extensions and Hidden items and hit Enter.


Step three. Examine following entries respectively. Seeing any suspicious key value started with Run, right click on it and select Delete.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders Startup=”C:\windows\start menu\programs\startup


Lesson 2: http:// paytordmbdekmizq.tanktor.com/1ptz0Qa Automatic Removal


For manual removal of this infection needs to know more about special computer skills, if you have no more knowledge, please don’t do any trial. 

1: Download Removal Tool by clicking the below icon. (if you feel your computer sluggish, please restart your PC and then sign in safe mode with networking.)

http://www.pcresolvers.com/spyhunter.php

2: Installation process:

1) Check out the "File Download", and press "Save" to save SpyHunter file. “Save” the SpyHunter file on your Desktop.




2) Double click on the installation file and you will be prompted with a license agreement. Please read through the license agreement and check the box stating that you agree to the terms and click "Next."





3: After the installation has been successfully completed, SpyHunter will start scanning your system automatically.

4: You should now click on the Remove button to remove all the listed malware.


Optional Step:
There will be many residual files like invalid registry entries still on your computer when you uninstall the adware. These junk files occupy disk space of your computer and may degrade your computer performance over time. It is complicated to delete them manually, so you may need the help of a system cleaner or system optimizer. We recommend you optimize the infected system with RegCure Pro.

1) Click the icon to download RegCure Pro

http://www.pcresolvers.com/regcure.php

2) Double-click on the icon the RegCure Pro program to open it
(If Windows prompts you as to whether or not you wish to run RegCure Pro, please allow it to run.)








3) Click Next and complete the installation






4) RegCure Pro will begin to automatically scan your computer for errors
RegCure Pro Thoroughly scans and cleans up your Windows registry automatically. RegCure Pro allows you to automate the whole process of regular optimization of your PC for best performance using an in-built “Fix All" scheduler.






Quick Notice: http:// paytordmbdekmizq.tanktor.com/1ptz0Qa is a very aggressive infection that does a great deal of behaviors on the infected system, to make sure your computer safe, you are asked to remove http:// paytordmbdekmizq.tanktor.com/1ptz0Qa. Manual steps are complex and difficult, if you are not a professional tech, please don’t delete any host file. We here recommend you removing this infection with popular removal tool.

>> Download Removal Tool Here!

No comments:

Post a Comment