- System crashes
- Normal system programs crash immediatelly
- Connects to the internet without permission
- Can't be uninstalled via Control Panel
We want to inform you about a new ransomware called Bubble Ransomware, a dangerous infection that can enter your computer by stealth and then encrypt many of your valuable files and then demand that you pay money for a decryption tool to recover them. Paying the ransom is not a good idea because the cyber crooks might not keep their end of the bargain and send you the decryption tool. Therefore, we recommend that you remove this infection as immediately. We have received information on a free decryption tool that might already be available online, so we suggest you look for it. If you want to find out more about this ransomware, please continue reading.
If your computer were to become infected with Bubble Ransomware, then it will start encrypting your files immediately. We have found that this ransomware is capable of encrypting 42 file formats such as .mov, .mp3, .mp4, .mpeg, .mpg, .doc , .docm, .docx, .dwg, .jpeg , .jpg, and so on. It appends the encrypted files with a “.bubble” file extension that signals that a particular file has been encrypted. Once the encryption is complete, this malware will generate a small window that reads “Hello, I am Bob, do you remember the game? Unfortunately, the world has changed, and I have changed too: once spit bubbles, today i encode your file!:)” The text features an email address firstname.lastname@example.org that you have to message to receive instructions on how to pay the ransom and get your files back. Testing has shown that this window cannot be closed but you can launch Task Manager to kill its process, but it is named randomly. Nevertheless, you can identify this process by looking at its Description section that should say “preventivo.pdf.” You must terminate this process before you attempt to delete this ransomware. The full removal guide is located below this article.
Now let us take a look at how this particular ransomware is currently being distributed. We have received unconfirmed reports that Bubble Ransomware is sent in malicious emails. Apparently, its developers try to trick you into thinking that the file attached to the email is some sort of a legitimate PDF document. The name of the file is said to be “preventivo.pdf.exe.” Note that is has a PDF extension in the middle and an EXE extension at the end. The last extension is the real one, and it is obvious that the file is an executable application posing as a PDF document. Apart from being distributed via email, we believe that this ransomware’s developers can also distribute it using fake software downloads operating system updates and so on. It can also infect your PC through fictitious Flash Player or Java updates that are often promoted on malicious websites.
There is no question that Bubble Ransomware is a highly dangerous computer infection that can encrypt your files and, thus, prevent you from accessing their contents. Its developers want to extract money from you, but there is no guarantee that they will keep their word and send you the decryption tool once you have paid. As previously mentioned, a free decryption tool should be already available, and we suggest you get it. As far as its removal methods are concerned, you can get rid of it using an anti-malware tool such as SpyHunter or make use of the manual guide featured below.
How to delete this ransomware