How To Remove The Banjo Ransomware / Virus.

How To Remove The Banjo Ransomware / Virus.

How To Remove The Banjo Ransomware / Virus

If you find your self in this situation and have to remove the Banjo Ransomware we suggest you follow our guide. This is something we only recommend an experienced person tries. If this is something you do choose to do yourself we are giving you a fair warning now. This is only a suggestion, this blog is provided as a guide for the removal of the Banjo virus. Rezz Tech can not be held liable for any damage caused or if you are unable to successfully remove the banjo virus. Now that we got that out of the way lets get started!

First Steps in Removal

If you are working on a network with several computers your first step should be to disconnect all computers from the network. Do this by disconnecting the ethernet cable to each PC / device. For wireless devices make sure you disconnect the wireless. If your network has managed switches we suggest you login to that switch. Then check and make sure you have no more devices on the network. The banjo ransomware /virus can be very tricky and can go from computer to computer on your network. This should be your first step when dealing with any ransomware.

Back up data

Now before you say “why should I back up anything when its all infected?” Honestly, it’s a great question. The main reason we have you do this is for a few reasons. The main one being that in case one day they come up with the decrypt key for this type of ransomware. Which if they do, you will have a copy of your data and can recover data that you wrote off as being lost. Now, this does not happen often, but it does happen. Which is why we suggest you take a backup of the infected data. If this attack has caused you to lose files.

A few ways to remove the Banjo Ransomware

The first way you can remove the banjo virus and the way that we suggest at Rezz Tech is wiping your computer. This means reinstalling your OS onto your HHD (Hard Drive). Yes this will wipe everything on your computer, thus deleting all of your files, programs etc along with the banjo virus. This is the safest way to go when dealing with the Banjo virus. Which can be very difficult to remove and handle. There is very little reason why one should not wipe their computer when it becomes infected like this.

The next way you can remove the Banjo Ransomware is by using third-party software. Now this option just like the next one does leave a chance of you missing the ransomware. Thus setting it up to infect you at a later time. Which trust us. Nothing feels worse than getting everything back up to normal and then boom. The same virus/ransomware comes back. Take it from us. Wipe your computer. But if you choose to use a third party software here are some we suggest using. As always make sure to use the paid version and support these companies.

  • Malwarebytes Click here for Link
  • SuperAntiSpyware Click here for Link
  • SpyHunter Click here for Link

These programs are just some we have used in the past and had good luck with. Again these programs do leave a small chance of leaving a trace of any virus / ransomware on your computer. Which if your one of the few who reads the software agreement you will see that part on it.

The last way to remove the Banjo Ransomware / Virus is to manually delete the virus / ransomware. However, if this is the way you want to go follow the steps below and we will show you how to do this.

1 – Boot Computer into safe mood (Windows Key and R)

2 – the Run window will show up. Type msconfig and hit enter

3 – Click Boot Tab, then Safe Boot, then network and then apply and ok.

4 – when asked click on Restart to start safe mode.

5 – You know your in safe mood by the words safe mode in the bottom corners of your screen.

6 – clean any registries created by the Banjo ransomware / virus on your computer.

7 – look for these files in the registries

  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

8 – Use run and runonce keys shown here

Remove the value by right-clicking on it

Step 9 – Find the files created by Banjo

For this just use open up explorer.exe and search .banjo files. This should pull up all files with the extension .banjo.

Again, we strongly suggest that you bring in an IT company for this if it is on a large network. Removing this virus can be very tricky and can cause issues for you in the long run. If you have any questions we will do our best to respond! Thanks for taking the time to read our blog and until next time!


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.