I recently had to clear one of these ransomware horrors from a friends computer.
What a clever piece of work it was - this newer version even activated his camera and placed a mug-shot of him in the middle of the locked screen!. You could NOT just start up in normal safe mode, only Safe mode with Command prompt. From there I was able to upload a heap of anti-virus , malware and trojan killer software tools from a USB [used about 20 different ones]. It took a few days to remove the actual infection, as it gets into the ports, the browsers, and even the Boot sectors of the HDD. After I got the computer back to functioning, I was then able to do a Restore from about a week prior to the attack, then ran a registry cleaner to clean out a load of dross.
About 5 year ago I had an experience with an exceptionally nasty trojan which even passworded the hard drive - lucky I did have a bootable recovery CD which just happened to have a hard drive bootup password remover app - the passcode that virus placed on the dirve was over 40 characters long [ ERD was not able to access the HDD until I was able to remove the password ]
That particular virus was an exceptionally difficult beast to get rid of , as it actually infected ALL the restore points in the recovery as well as nearly every executable file on the computer !
Keep Up with TechRepublic