Remove ransomware that modifies “Shell” registry entry
There are several ransomware-type applications that modify the “Shell” registry entry of your computer. The location of this “Shell” registry key is as follows – HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\. The default value of this “Shell” string must be explorer.exe, however, the scam perverted it by assigning the totally different name to it. […]