Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Domino Ransomware

Domino Ransomware may sound fun, but there is nothing amusing about this program. In fact, it is one of the most dangerous infections out there. It may leave you with staggering file loss without you even realizing it. When you need to fight ransomware, your head has to stay clear as there is no room for panic. You can remove Domino Ransomware by yourself or with a licensed security application. Your biggest concern, of course, is your files, but that can also be taken care of if you have a backup. Thus, to find out more about this infection, please continue with the description.

When this program accesses your computer, it runs a full system scan to check all the file formats that it is capable of encrypting. In general, the ransomware application can encrypt all of your important picture and document file formats. In other words, it is highly possible that most of the files you use on a daily basis will become inaccessible once Domino Ransomware enters your system. What’s more, the program also uses the AES 1024 encryption method. This advanced encryption standard algorithm was first published in 1998, and it is used to protect important data from malicious exploitations. Unfortunately, as you can perfectly see, the algorithm can be exploited itself by cyber criminals for their evil deeds.

It is actually possible to avoid getting infected with Domino Ransomware, but for that you need to stay attentive and vigilant. Our research shows that the program travels around via spam email. It is hard to say how what the messages that carry the infection file impersonate, but it might be anything from popular social networking sites to some financial institution (like a bank or a credit card company). It is important to note that such websites and institutions seldom send attachments in their official emails. If anything, there is usually an outgoing encrypted link that ensures your security. On the other hand, if you see an attachment in a mail message from Facebook, Twitter or any other popular website, the chances are this is a scam. The scam that was devised to trick you into opening a ransomware installer file.

In the case of ransomware infection, the installer file is not the only piece of data Domino Ransomware drops on your system. It also adds two more files to the Temporary file directory, called Help.exe and Helloworld.exe. These files do not encrypt your files, but they automatically open an Explorer window on your screen with the ransom note. The ransom note is the main reason you know about the infection. The second tell-tale sign are your files that now have the .domino extension added to all file names.

This ransom note is supposed to convince you that you have to pay for the decryption tool; otherwise, there is no other way to restore your data. The criminals go as far as using a set of hilarious emoji icons in the message. However, the only ones who find it funny are obviously just them.

The message on your screen reads:

Your file had been encrypted with AES 1024 bit key!!
How to decrypt your files:

  1. Send me 1 bitcoin to: 1AkHpPZ18f3QAygdMV2W4R$QjkzYxDkNEA

  2. After send bitcoin, send me your (computer name + user name + bitcoin address) to email 61f1e8055af3f6a672959e6b0493a@gmail.com to get password!

  3. Using your password to decrypt your files!

This password supposedly should be the decryption key. The message also says you have only 72 hours to buy this password because after that it will self-destruct. Computer security experts also note that it is common for cyber criminals to simple swindle users out of their money without issuing the decryption key. Thus, you have you keep them in mind, considering all your options. After all, the bitcoin exchange rate is no joke at the moment, and one bitcoin is over $500USD, so paying should never be an option for you.

Due to the fact that this infection is relatively new, the public decryption tool is not available at the moment. However, you can always restore your files if you have backup copies saved in an external hard disc or a virtual cloud drive. Just keep in mind; you have to remove Domino Ransomware from your system before you copy and paste your files back. Although it is possible to terminate this program manually, we would strongly suggest running a full system scan with a security tool that would delete all files and malicious registry keys for you automatically. This way, you will be sure you have taken care of all the potential threats.

How to Remove Domino Ransomware

  1. Open the Downloads folder.
  2. Remove all the recently downloaded files.
  3. Press Win+R and the Run prompt will open.
  4. Type %TEMP% into the Open box and click OK.
  5. Delete the Help.exe and Helloworld.exe files.
Download Spyware Removal Tool to Remove* Domino Ransomware
  • Quick & tested solution for Domino Ransomware removal.
  • 100% Free Scan for Windows
disclaimer
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.