Getting rid of the Buma Stemra ransomware malware – Windows 7

Categories Malware

Word reached me that my approach to get rid of the Buma Stemra Ransomware malware did not work on Windows 7. I initially only tested the approach on Windows XP, but I now took the time to test it on Windows 7 as well. The video below will show that the approach worked fine on Windows 7 in my test environment. While the approach is mostly the same there are some small differences.

Continue reading “Getting rid of the Buma Stemra ransomware malware – Windows 7”

Getting rid of the Buma Stemra ransomware malware

Categories Malware

Since a week or so a new Dutch version of some ransomware malware is active in the Netherlands. This malware claims to be from The Buma Stemra, but of course has nothing to do with the real Buma Stemra.  The malware successfully takes over the system by replacing the start of explorer.exe with itself, so as soon as the system starts the malware will be loaded instead of the normal Windows environment. The malware further disables editing the registry, accessing the task manager and getting access to the system in any way. When infected with the malware you can not access your own system anymore, the only thing the system will do is show the screen below.

Continue reading “Getting rid of the Buma Stemra ransomware malware”