The Obama Cybercrime malware is a nasty variation of recently discovered ransomware infections that are designed to infect the windows based computers all over the world. Once this malicious application invades the system, it will lock the computer completely, and you are only able to see this message on the screen. This virus exploits the photograph of President Obama to trap the innocent computer users. This virus mostly targets the computer users in the USA, but some cases are reported outside the USA. Mostly this malicious application distributed through the compromised websites. This nasty ransomware uses different tricks to convince the users that they are involved in any illegal activities due to which the authorities locked their system. You will be asked to pay a certain amount as fine in order to unlock the system, but in reality this is a trap that is set by the cyber thugs to steal your money.
Removal of Obama Cybercrime malware
Once it becomes obvious that the Obama Cybercrime malware invades your computer, you have to take counter measures. This ransomware infection can be removed automatically as well as manually. The steps involved in the manual removal of this virus are mentioned below:-
Change the Mode of Operation from Normal to Safe Mode
It is unavoidable to boot the system in the safe mode instead of the normal mode to start the manual removal process. Restart the machine, and hit the F8 key repeatedly while the system is restarted to gain the access of the boot options screen. Select the safe mode option from the menu, and hit the Enter key to open the system in the safe mode.
End the Malicious Processes
After accessing the safe mode on the system, you have to start the windows task manager by holding the Ctrl+Alt+Delete keys together. Select the processes tab under the task manager window, and delete the following associated processes of this ransomware:-
- %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].ex
Remove the Associated Data
Open the system files folder through file explorer, and remove the following suspicious files by using the Delete key:-
- %Desktopdir%\Obama Cybercrime malware .lnk
- %Programs%\Obama Cybercrime malware \Obama Cybercrime malware .lnk
Reverse the Modification in the Windows Registry
You have to open the registry editor by executing the Regedit command through Run option available in the start menu. Once the registry editor is accessed, remove the following entries associated with this dangerous ransomware virus and close the registry editor:-
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Obama Cybercrime malware \DisplayIcon %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe,0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Obama Cybercrime malware
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Obama Cybercrime malware \UninstallString “%AppData%[RANDOM CHARACTERS][RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\[RANDOM CHARACTERS] %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Obama Cybercrime malware \ShortcutPath “%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Obama Cybercrime malware \DisplayName Obama Cybercrime malware
Do not forget to restart the PC in the normal mode to see the effect of the changes you have made recently. Update the existing antivirus and run a full system scan from the main interface the antivirus application to remove any infections caused by the Obama Cybercrime malware.