Click on screenshot to zoom
Danger level 9
Type: Trojans
Common infection symptoms:
  • Can't be uninstalled via Control Panel
  • Block exe files from running

Cryptorium Ransomware

Cryptorium Ransomware is a malicious computer infection that will not allow you to open your files anymore. Or at least this is what it wants you to think because the application tries to pass for a regular ransomware infection that can encrypt your files and steal your money. However, that is not what this program is about. It does not encrypt your files, but it still expects you to pay the ransom fee, so there is no need to tolerate it. Please remove Cryptorium Ransomware from your system immediately, and then run a full system scan to look for other potential threats that might be hiding on your computer.

It is obvious that the program cannot be uninstalled via Control Panel, but perhaps the most annoying thing about this infection is that it blocks executable files from running. Therefore, it will probably be impossible to run most of your programs with this infection on-board. It does make the impression that you are in a serious problem, and unless you do what the ransomware program ask of you, you will not be able to solve this. However, once again, we would like to point out that paying the ransom fee is never an option you should consider.

How did this program manage to enter your computer? Normally, ransomware applications travel via spam email attachments, but this one has a rather different distribution vector. This infection targets mostly the gaming community, as its executable file spreads as an illegal copy of the FIFA’17 game. Our research shows that this infection began spreading with the fake version of the game packed together with a crack that was released in December 2016. What does it mean? It means that if you refrain from downloading illegal programs from file-sharing sites. If you really want to have a particular application, it is best to download it from its official vendor’s website or to purchase a particular game from an online store. Indulging in illegal downloading, as you can see, can easily result in malware infection.

In our case, the executable file for the ransomware was VirtualUlpro.exe, and once it gets launched, it pretends to be encrypting most of your files, but the reality is that it only modifies the file extension to .ENC in the Downloads directory. So, even if you does seem that the files are encrypted, the program will make you think that only the files in the Downloads folder are affected. However, if you change the modified file extension back, for example, from vlc.ENC to vlc.exe, you should be able to launch all of your affected files again without any difficulty.

Aside from the supposed encryption, Cryptorium Ransomware also displays a ransom note that should convince users of the gravity of the situation. The note says the following:


Oh no, you had bad luck today. All your files are encrypted!
But! I have not deleted them yet! Purchase a “GBO KEY” to decrypt your files.

If not all encrypted files will be permanently deleted within 32 h and then there is no way to recover them!

As you already know, this ransom note is useless because no encryption took place at all. Also, the fact that the message has grammatical errors should be enough to convince you that there is nothing reliable about it. So keep your money to yourself and figure out other ways to get rid of this infection.

There is one good thing about this infection. Sometimes ransomware programs lock user’s screen to scare the infected users. However, Cryptorium Ransomware does not lock the screen. There is only a window with the ransom note that appears on top of your other windows. On the other hand, it is not possible to close this message because the ransomware blocks your Task Manager. What’s more, the purchase button does not work either, as there are no email address or other links given.

To remove Cryptorium Ransomware from your computer, you can use the instructions provided at the bottom of this description. If you find the manual removal too tedious, you can always rely on a licensed security application. In fact, that would be your best shot at protecting your computer from this ransomware and other dangerous threats.

How to Delete Cryptorium Ransomware

  1. Press Win+R and type Gpedit.msc into the Open box.
  2. Press Enter and go to User Configuration.
  3. Open Administrative Templates and go to System.
  4. Select Ctrl+Alt+Del Options.
  5. Select Disable or Not Configured under Remove Task Manager.
  6. Close the utility and press Win+R again.
  7. Type gpupdate /force and press Enter.
  8. Go to your Downloads folder and remove the downloaded malicious file.
Download Spyware Removal Tool to Remove* Cryptorium Ransomware
  • Quick & tested solution for Cryptorium Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.