Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Storagecrypter Ransomware

You might get lucky if you have just got infected with Storagecrypter Ransomware because there is a chance that the Command and Control server does not operate anymore; therefore, the encryption could be disabled. In other words, it is possible that your important files could be safe for the time being as it seems that this dangerous infection cannot encrypt them right now. Of course, it is also possible that you were hit by this threat before the server went down and your files were actually ciphered. A new server can also be set up soon and this ransomware may hit victims hard again. Still, we do not advise you to pay the nearly 5,000 US dollars' worth of ransom fee. Once you pay, there is no guarantee that you will get anything in return other than yet another warning to pay more for your files. Unfortunately, it is not yet possible to recover your files any alternative ways. This means that you could lose all your precious files if you do not have a recent backup or if your version does actually work properly. We strongly recommend that you remove Storagecrypter Ransomware as soon as possible; although, your files may be untouched by this threat.

It is quite possible that you have received a spam e-mail recently and you were curious enough to see its attachment. This is how most of the victims infect their system with this dangerous malware. This spam mail could be about an unpaid invoice and claim that the attached image of the invoice will contain all the details you need to know. Since you may not remember any invoice you have forgotton to settle, you would obviously want to see what this might be about, and this is how you may end up viewing this attachment, which is indeed the malicious executable. Of course, the subject could be regarding your credit card information or an issue with an online booking. When in doubt, you should always contact the sender of the e-mail to get further information before opening any attached file if you do not want to find yourself losing all your personal files to encryption. Unfortunately, it is not possible for you to delete Storagecrypter Ransomware without the nightmare of encryption if this is a fully functioning version you have let on board.

You can also download such a dangerous infection when downloading software cracks or unlicensed software from suspicious file-sharing websites. These pages usually promote malicious software bundles that can be packed with all sorts of malware infections and potentially unwanted applications as well. But there are other ways too for you to infect your system with such a bundle. For example, your system could be infected with adware, which can display unreliable third-party ads while you are browsing the web and infect your PC with a bundle just by clicking on one. But you can also be exposed to unsafe third-party contents when visiting suspicious websites. All in all, please remember that it is best to use a reliable malware scanner right after you delete Storagecrypter Ransomware from your computer in order to make sure that you are aware of the extent of potential threats on board.

After launching the malicious executable, it creates a copy of itself and places it in your "C:\Windows" folder under the name of "smss.exe." Then, it initiates the attack and targets all your personal files, including your documents, images, archives, and more to hit you as hard as possible. This malware infection adds a ".locked" extension to your files so it is easy to see the extent of the damage. However, we must tell you again that it is possible that this ransomware can no longer harm you, or at least, not temporarily since the C&C server could be shut down.

This infection drops a text file named "_READ_ME_FOR_DECRYPT.txt" that contains payment information and how you can decrypt your files. These villains demand 0.4 Bitcoins to be paid to a Bitcoin wallet provided in this note, which is almost 5,000 dollars at the time of writing. Once you paid, you need to write an e-mail to "" with the "Decrypt-ID" that is shared at the bottom of the ransom note. Although these criminals offer you a chance to decrypt two unimportant and smaller than 2MB for free, this is still not enough guarantee for you that these crooks will keep their promise to send you the decryption key. We believe that it is best to remove Storagecrypter Ransomware right now.

Hopefully, you are a security-minded user and save regular backups. However, we must warn you that this ransomware infection may also encrypt your files stored in cloud. Of course, in case you are infected with a working version. Thus, it may be safest to have a removable hard disk as storage for backups. Even if your files have not been encrypted this time, it is important that you eliminate Storagecrypter Ransomware. Please follow our instructions below if you want to do this manually. If you are not confident enough or would like to have an automated tool to protect your system from further infections, we suggest that you use a trustworthy anti-malware program like SpyHunter.

Remove Storagecrypter Ransomware from Windows

  1. Launch your Task Manager by tapping Ctrl+Shift+Esc simultaneously.
  2. Find the malicious process and right-click on it if it is still active.
  3. Select Properties.
  4. Remember the Location field so you can delete the malicious executable.
  5. Close the Properties window and click End task.
  6. Close your Task Manager.
  7. Tap Win+E.
  8. Delete the malicious executable.
  9. Delete the ransom note ("_READ_ME_FOR_DECRYPT.txt") and all suspicious files you can find in your download directories.
  10. Empty your Recycle Bin and reboot your system.
Download Spyware Removal Tool to Remove* Storagecrypter Ransomware
  • Quick & tested solution for Storagecrypter Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.