1 of 2
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Slow internet connection
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Angela Merkel Ransomware

The malicious program was named as Angela Merkel Ransomware because it shows a ransom note with Angela Merkel’s photograph. Also, as the malware encrypts user’s data it marks such files with an additional extension called .angelamerkel. The good news is that the infection does not lock all data on the system. Instead, it targets a couple of directories and their subfolders. Therefore, it does less damage compared to similar threats that are programmed to encrypt all data on the infected computer. Since decrypting your files is rather impossible and so is paying the ransom there is nothing much left to do, but to erase Angela Merkel Ransomware. If you decide to delete it manually, we offer you our removal guide placed below the article. Additionally, we encourage you to invest a couple of minutes and read the rest of the text too.

Our specialists say that based on the malicious program’s code, it looks quite similar to Exotic Ransomware, although it does not seem to be fully developed yet. What makes us think this way is not only the fact that Angela Merkel Ransomware is quite poorly made, but also because its creators did not leave any Bitcoin address for users to transfer the money. Since such threats are created to extort money from users, payment details are usually the most important part in the ransom note. Thus, the lack of such crucial details as Bitcoin address makes us believe the infection could be still in the developing stage. Perhaps, it was distributed to some users just to test how it performs.

Currently, we cannot say how this malicious program is distributed, but we could mention a couple of possibilities. Just like many other similar threats, Angela Merkel Ransomware might be spread with Spam emails or malicious software installers. The next time we would advise you to be more careful while downloading such data. Both email attachments and application installers can be scanned with a reliable antimalware tool first. By doing so, you could determine whether the file is infected or not and accordingly decide if it is safe to open it.

As soon as Angela Merkel Ransomware is installed it should begin encrypting user’s data located on his Desktop. Afterward, the malware should continue by encrypting your data in the %USERPROFILE% directory and all of its subfolders. It seems the infection should target both personal and program data, for example, it could affect files with the following extensions: .exe .png .3dm .3g2 .3gp .aaf .accdb .aep .aepx .aet .ai .aif, .as .as3 .asf .asp .asx .avi, .bmp .cdr .cer .class .cpp .cr2 .crt, .cs .csv .db .dbf .dcr .der .dng .doc, .docx, and other. However, you might be unable to recognize some of the files as the malicious program might replace their original titles and add a second extension. For instance, your files could look like l5@J6glD.angelamerkel.

Later, Angela Merkel Ransomware should open a window with a message demanding to pay 1200 euros. It is a huge sum and normally we would advise you not to risk losing so much money, but under such circumstances, we do not need to. Like the note says the ransom should be paid in Bitcoins, but the malware’s creators somehow forgot to add their Bitcoin wallet address. Obviously, since you do not know where to transfer the money, it is simply impossible to pay the ransom.

Even if you remove the malware, the files that are already encrypted will still be locked. Nevertheless, if you want to keep the system secure, it is important to get rid of the infection. As the instructions placed below this text suggest, you should locate the main malicious file and delete it manually. Also, you could eliminate Angela Merkel Ransomware with a reliable antimalware tool. In that case, the security tool would detect the threat automatically, and you could erase it by clicking the removal button. If you have any other questions about this particular infection, you could leave us a comment below or write us via social media and we will try to reply as soon as possible.

Remove Angela Merkel Ransomware

  1. Press Win+E combination to open the File Explorer.
  2. Use the Explorer to check the Desktop, Downloads, Temporary Files, and other locations where the infected file could have been saved.
  3. Find the malicious file with a random name, right-click it and select Delete.
  4. Empty the Recycle Bin.
Download Spyware Removal Tool to Remove* Angela Merkel Ransomware
  • Quick & tested solution for Angela Merkel Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.