Severity scale: 91/100

Malabu ransomware virus. How to remove? (Uninstall guide)

Removal guide by Olivia Morelli | Type: Ransomware

Malabu ransomware demands a ransom to set your files free

Malabu virus is a ransomware-type malicious program that encrypts files[1] on a computer system. The ransomware encrypts them with the AES cipher[2] and appends the .fucked file extension to their filenames. The virus also has a screenlocker function, which prevents the user from accessing the computer system. The main file of this ransomware is called MALABU-X.exe, and it launches a full-screen message that informs the victim about the attack and says that the computer was hacked. The criminals state that they want $500 from the victim within two days; otherwise the price will double. They instruct the victim to purchase Bitcoins[3] worth that sum in US dollars and send them to a provided Bitcoin wallet. After doing this, the victim has to take a screenshot or a photo of the transaction confirmation page and send it to the criminals at steverussel@mail.com. The criminals promise to send the user the decryption key afterward. However, research shows that as many as 20% of ransomware victims who decide to pay up do not receive the decryption keys or tools from cybercriminals[4]. Another reason not to pay is that there is a decrypter available, and you can use it for free. However, you should first remove Malabu ransomware from the computer using powerful ransomware and malware removal software such as Reimage.

Ransomware viruses are usually highly sophisticated programs, and their developers tend to do their best to ensure that the victim won’t get a chance to restore encrypted files for free. They do this because they want victims to pay up, and to push them to do so faster, they promise to destroy the key after a certain period of time. Again, this is done only to rush the victim: the first several days after the virus is released are the most profitable, since there isn’t much information about it on the Internet yet and the scammers’ email addresses and other means of communication still work before they get blocked. This particular malware was analyzed rapidly, and researcher Michael Gillespie has already provided a decrypter for it. You should try using this tool after completing Malabu removal successfully.
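Before running a removal tool or the decrypter, it helps to know how many files carry the appended extension and whether the main executable is still on disk. The read-only triage script below is an added example, not part of the original guide or of any tool it mentions; it relies only on the two indicators named above (the .fucked extension and the MALABU-X.exe file name), and the function name and report layout are assumptions made for illustration.

```python
import os
import sys
from collections import Counter
from pathlib import Path

SUFFIX = ".fucked"          # extension appended to encrypted files (from the article)
MAIN_EXE = "malabu-x.exe"   # main executable name from the article, compared case-insensitively


def triage(root):
    """Scan root without modifying anything and return what was found."""
    per_dir = Counter()   # directory -> number of encrypted files
    encrypted = []        # (encrypted path, original file name)
    collisions = []       # encrypted files whose original name also exists
    executables = []      # copies of the main executable still on disk
    for dirpath, _dirs, files in os.walk(root):   # symlinks are not followed
        present = {f.lower() for f in files}
        for name in files:
            lower = name.lower()
            path = Path(dirpath) / name
            if lower == MAIN_EXE:
                executables.append(path)
            elif lower.endswith(SUFFIX) and len(name) > len(SUFFIX):
                original = name[: -len(SUFFIX)]
                encrypted.append((path, original))
                per_dir[dirpath] += 1
                # A file with the original name next to the encrypted copy
                # could be overwritten when decrypted output is written.
                if original.lower() in present:
                    collisions.append(path)
    return {"per_dir": per_dir, "encrypted": encrypted,
            "collisions": collisions, "executables": executables}


if __name__ == "__main__":
    result = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"encrypted files: {len(result['encrypted'])}")
    for directory, count in result["per_dir"].most_common(10):
        print(f"  {count:6d}  {directory}")
    for path in result["collisions"]:
        print(f"original name already exists next to: {path}")
    for path in result["executables"]:
        print(f"main executable still present: {path}")
```

Run it with the folder to scan as its only argument; the per-directory counts show where to point the decrypter first, and any reported collisions should be backed up before decrypting.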

How did I infect my computer with ransomware?

Ransomware viruses are mostly distributed via malvertising[5], exploit kits and a good old technique known as spam. The last method is used to deliver all kinds of malware. You can catch a computer virus if you tend to open shady emails without knowing who sent them. It is advisable to check the sender's email address and to hover your mouse over hyperlinks added to the message, because then you can see the link's destination in the bottom corner of the browser window. If the link looks suspicious, do not click it; otherwise, you might get redirected to a phishing or malware-hosting website. Also, stay away from email attachments presented as invoices, subpoenas, resumes, and so on. Scammers tend to hide malicious code in either Word or .JS files to deceive the victim and trick them into opening the file without realizing what lies within it.

How can I remove Malabu virus and decrypt my files for free?

You can remove Malabu virus using Reimage anti-malware software, and then decrypt files using a free decrypter created by Michael Gillespie. You can find its download link below the article in the data recovery section. Please do not waste your time trying to remove the virus on your own – you can do more harm than good by leaving some malicious components on the system. Malabu removal must be done professionally, and automatic malware removal software is exactly what you need to complete the task.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Malabu ransomware virus you agree to our privacy policy and agreement of use.
What to do if failed?
If you failed to remove the infection using Reimage, submit a question to our support team and provide as many details as possible.
Reimage is recommended to uninstall Malabu ransomware virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.


Manual Malabu virus Removal Guide:

Remove Malabu using Safe Mode with Networking

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

Remove the ransomware from the computer system using powerful malware removal software. To make this task easier, reboot your PC into Safe Mode with Networking first:

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start → Shutdown → Restart → OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list.

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift on your keyboard and click Restart.
    2. Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in the Startup Settings window.
  • Step 2: Remove Malabu

    Log in to your infected account and start the browser. Download Reimage or another legitimate anti-spyware program. Update it before running a full system scan, then remove the malicious files that belong to the ransomware to complete Malabu removal.

If the ransomware is blocking Safe Mode with Networking, try the next method.

Remove Malabu using System Restore


  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start → Shutdown → Restart → OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Command Prompt from the list.

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift on your keyboard and click Restart.
    2. Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in the Startup Settings window.
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, type cd restore and press Enter.
    2. Now type rstrui.exe and press Enter again.
    3. When the System Restore window shows up, click Next and select a restore point dated before the infiltration of Malabu. After doing that, click Next.
    4. Now click Yes to start the system restore.
    Once you restore your system to a previous date, download and scan your computer with Reimage and make sure that Malabu removal is performed successfully.

Bonus: Recover your data

The guide presented above is supposed to help you remove Malabu from your computer. To recover your encrypted files, we recommend using a detailed guide prepared by 2-spyware.com security experts.

If your files are encrypted by Malabu, you can use several methods to restore them:

Use a Malabu ransomware decrypter

Luckily, victims of Malabu ransomware do not have to spend a cent to restore their files because a free decrypter is available. You can download it here – StupidDecrypter. Do not be scared of the file name – researchers named it that because of the ransomware developers' poor programming skills.

Finally, you should always think about protection against crypto-ransomware. To protect your computer from Malabu and other ransomware, use a reputable anti-spyware program, such as Reimage, Plumbytes Anti-Malware, Webroot SecureAnywhere AntiVirus or Malwarebytes Anti Malware.

About the author

Olivia Morelli - Ransomware analyst


References


  • jozife

    Thanks for the help! I removed Malabu with ease. Great tutorial 🙂

  • Gandi2_1

    removed ransomware, decrypted my files. I never thought it was possible. Thanks a million!!!

  • w3ap0n

    what does Malabu even mean?!

  • Roze

    Oh my god! I was so scared when this message popped up on my screen! Thank you guys, for helping me out. I really thought I will never be able to open my family photos again. 🙂