The Bundeskriminalamt is a malicious application which is categorized as a tricky ransomware. It is originally used to target the windows based computers in the Germany; besides that, it has also infected computers in the England by using the name of the Metropolitan Police. This ransomware belongs to the family of Revoyem, and it can block your computer completely by saying that you have downloaded illegal software or involved in some kind of online crime. After blocking your PC, it will ask you to pay 100 Euro to unblock it; however, even if you pay the amount, they will never unblock your computer. It is pretended that the message is received from a government law enforcement agency, but actually it is the online criminals and developers of this ransomware who are behind this threatening message. Besides that, it also steals your personal information which then used in the cyber crimes. You need to remove the Bundeskriminalamt instead of paying them ransom amount.
Manual Removal Process of Bundeskriminalamt Ransomware
The manual removal of the Bundeskriminalamt is possible, however, it is a complicated process which is needed to be followed as it is described below in order to get the desired results:-
Start the Computer in Safe Mode
At first you have to restart the computer in safe mode to delete the Bundeskriminalamt threat. You have to use the F8 key while your computer is restarting to see the boot options screen where you have to select the safe mode option.
Delete the Malicious Processes
Once the PC is restarted in the safe mode, you have to end the associated processes. To end the processes, you have to start windows task manager by holding the Ctrl+Alt+Delete keys together, and press the processes tab where you can see all the running processes in your computer. Here you have to find and delete the following malicious processes associated with the Bundeskriminalamt:-
- %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
Delete the Files and Folders
After ending the associated processes, you have to delete the files as well as folders to remove this dangerous threat. In this regard, you have to use the file explorer to locate the following files and delete them by holding the Delete key:-
- %Desktopdir%\Bundeskriminalamt Pressestelle.lnk
- %Programs%\Bundeskriminalamt Pressestelle\Bundeskriminalamt Pressestelle.lnk
Delete Registry Entries
The final step of manual removal process is deleting the corrupt registry entries which can be removed by using the registry editor. To start the registry editor you have to press the Start button, select Run, and type Regedit in the box. Once the registry editor is started, you have to navigate and delete the following entries:-
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bundeskriminalamt Pressestelle\DisplayIcon %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe,0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bundeskriminalamt Pressestelle
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bundeskriminalamt Pressestelle\UninstallString “%AppData%[RANDOM CHARACTERS][RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\[RANDOM CHARACTERS] %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bundeskriminalamt Pressestelle\ShortcutPath “%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bundeskriminalamt Pressestelle\DisplayName Bundeskriminalamt Pressestelle
When you are done, you have to close the registry editor, and restart the computer in the normal mode to see the effectiveness of the manual removal method.