Wannabehappy Ransomware

Wannabehappy Ransomware is certainly not about making you happy but rather its authors by collecting all the easy money they try to extort from their victims. This vicious program can encrypt most of your important files, including your photos, videos, documents, databases, and more. This attack can hit you hard, but you should not fall for it and try to transfer the demanded fee because you may still not get the decryption key that is needed for you to be able to recover your files. As a matter of fact, our research shows that it is actually possible to decrypt the files that have been rendered useless by this dangerous threat. However, unless you are an experienced or advanced user, we do not advise you to search the web for a free tool or other solutions because cyber criminals may be looking forward to such requests to offer expensive ways to recover your files or infect you with more dangerous threats. All in all, we recommend that you remove Wannabehappy Ransomware from your system immediately and then, ask an IT savvy friend or a professional to help you with the decryption.

This ransomware program is mainly spread in two ways. First, the most likely way for you to infect your system is via spamming campaigns. This is one of the most widely used method to fish for potential victims. This spam can appear to be something very important and it may seemingly come from well-known companies or authorities. The subject matter is always something that would make you feel like "Thank god, I found this mail in the spam folder before blindly deleting it" or something similar. This can be done by simply exploiting your basic human nature, i.e., your curiosity factor. If you find a mail in your spam folder that claims to come from a big company that you allegedly owe an unpaid invoice, you would most likely want to see it along with its attachment that is supposed to hold key information or a picture of the invoice in question. You need to understand that by opening this file attachment you actually initiate this vicious attack. This also means that you cannot delete Wannabehappy Ransomware without having your files encrypted. It is only by sheer luck that you may be able to decrypt your files without paying for the decryption key, which is risky anyway since you may not get anything in return.

It is also possible that these cyber villains use so-called remote desktop protocol attacks. In this case, you need to have a remote desktop application installed (e.g., TeamViewer) on your machine. If this software is not properly and adequately configured, these crooks can gain access to your system and initiate this attack manually. Obviously, you will not notice anything about this malicious cyber-attack only when it is finished and displays the ransom note. This is why it is not possible to remove Wannabehappy Ransomware without possibly losing your files to encryption.

This ransomware is spread under the name "Cryptor.exe." After you run this malicious executable, it targets all your photos, videos, audios, documents, databases, and other personal files to cause the most possible damage to you. The encrypted files get a ".encrypted" extension, which has been used by a number of other ransomware programs. When the encryption has finished, this malware infection displays its ransom note application window. This screen shows you how many of your files have been affected, how much time you have left before the price doubles, you can see the ransom note in the middle panel, and, on the right, you can enter the Transaction ID into the Payment field and press the "Validate payment" button after you have actually made the payment.

You have to pay 500 dollars’ worth of Bitcoins to the provided Bitcoin address. You have less than 14 hours to transfer the ransom fee; or else, it will be doubled. These crooks also offer you a free deal if you are “that poor” that you cannot pay the fee even after 6 months; not that it is likely that these criminals will be around to deliver you the decryption key. These crooks do have some sense of humor as they write "Thanks for using wannabehappy" above the “Close” button in the bottom-right corner. The truth is that we do not advise you to pay and not only because it would be supporting cybercrime, but also because it may be possible to decrypt your files without the key. We advise you to remove Wannabehappy Ransomware from your PC right away.

We have prepared the necessary instructions for you below, which you can use to eliminate this dangerous threat if you are up for some manual work on your computer. Once you delete all the related files and registry entries, you can ask a friend who is an advanced user to help you with finding a solution to recover your files. We do not suggest that you do this alone unless you are really that good and alert. Please remember that the web is full of dangers and cyber criminals can be behind a lot of seemingly amazing offers of recovering your files. If you want to protect your computer from all kinds of malicious attacks in the future, we believe that it is best for you to install a trustworthy anti-malware program like SpyHunter.

How to remove Wannabehappy Ransomware from Windows

1. Press Win+R and type regedit. Press OK.
2. Delete these registry entries:
   HKCU\SOFTWARE\WannabeHappy
   HKCU\SOFTWARE\WOW6432Node\WannabeHappy
3. Close the editor.
4. Press Win+E.
5. Locate any lately saved suspicious files in all your download directories and delete them.
6. Empty your Recycle Bin.
7. Restart your PC.