Tilde Ransomware

Tilde Ransomware is a dangerous computer infection classified as ransomware. Like most of the programs in the group, it changes your background image and connects to the Internet without permission. Obviously, it cannot be uninstalled via Control Panel, but you have landed in the right place because in this description we will give a user-friendly overview of this infection, and we will also tell you how to remove Tilde Ransomware for good. Although it may not be possible to retrieve your encrypted files, you have to do everything in your power to terminate this malicious infection. Submitting to its demands is not the right option.

This program is also known as Simple_Encoder Ransomware, so you may find information on it using this keyword, too. There might be a reason Tilde Ransomware has this Simple_Encorder alias. According to our researchers, this program is a light-weight ransomware. It means that it is not extremely complicated or difficult to crack. Nevertheless, it does not diminish the danger it poses, and the damage is caused to your system. Thus, the program should be taken seriously, and we believe that quite a few users do. After all, when your desktop background changes all of a sudden, there is enough reason to be alerted.

As far as the distribution of this program is concerned, the research shows that Tilde Ransomware spreads around through spam email messages. We receive spam email every single day. Sometimes it is very easy to tell it apart from the actual message, and some could be crafted in such a way it makes them look like the actual deal. Our inbox systems often can filter spam messages into the Junk box. However, some unwanted mail messages could still make it to your main inbox, and (if the Topic line looks relevant) you could end up opening it.

For the most part, spam email that distributes Tilde Ransomware and similar ransomware often pretend to carry messages from financial institutions and other legal bodies. However, you have to realize that no financial institution would ask you to download and open an attached file. If you receive an unfamiliar invoice, it is best to make a call and check its legitimacy before opening it. Because if you fail to employ these safety measures Tilde Ransomware might as well settle down in your system.

When the infection takes place, the program immediately encrypts a list of files. It targets a big number of file types, including those that have these extensions: xlw, .slk, .xlsb, .xlsm, .xlsx, .xltm, .xltx, .wks, .odp, .otp, .sxi, .sti, .pps, .pot, .sxd, .std, .pptm, .pptx, .potm, .potx, .uop, .odg, .otg, .sxm, .mml, .docb, .ppam, .ppsx, .ppsm, .sldx, .sldm, .ms11, .lay, .lay6, .asc, .SQLITE3, .SQLITEDB, .sql, .mdb, .dbf, .odb, .frm, .MYD, .MYI, .ibd, .mdf, .ldf, .php, .cpp, .pas, .asm, .vbs, .dip, .dch, .sch, .brd. The list of extensions goes on and on, so it is more or less safe to say that Tilde Ransomware affects almost all of the files you have on your computer, and definitely all the files you use frequently. After the encryption, the infection displays a message that says:

All your system is encrypted.
<…>
Now you have two options to solve the problem:
1. Format your hard disk. This way you’ll lose all your files.
2. Pay 0.8 Bitcoin and get key of decryption. At the end of this ad you’ll see you personal ID and our contact information.

Further in the message, you are requested to send “your personal identifier” to the given email address. Supposedly, after that, you will receive further instructions on how you can transfer the payment and get the decryption key to restore your files. Does that really happen, though? Hard to say, ransomware applications are known to have a pretty poor record of keeping their promises.

Actually, the best way to restore your files is to re-import them from your backup. If you do not have one, it might be possible to get your files back from system’s shadow copies (granted the ransomware did not delete those), but for that, you would need to get help from an experienced technician. Also, there could also be a free decrypter tool available online. Whichever option you choose, the point remains: You need to remove Tilde Ransomware.

Check out the removal instructions below to get rid of the program, and do not hesitate to use a powerful antispyware tool if need be. It is always better to invest in an automated security application to protect your computer and your data from similar threats in the future.

How to Remove Tilde Ransomware

1. Delete the latest file you downloaded and opened.
2. Press Win+R and type %TEMP%. Click OK.
3. Locate and delete the Simple_Encoder folder.
4. Change your desktop’s background.
5. Locate and remove the _RECOVER_INSTRUCTIONS.ini file in each folder on your system.
6. Scan your PC with the SpyHunter free scanner.

Take note that deleting all the files dropped by this ransomware manually might be too tedious for you, especially if you are not an experienced computer user. Hence, do not hesitate to acquire a powerful security application that would do that for you.