- Connects to the internet without permission
- Installs itself without permissions
- Can't be uninstalled via Control Panel
AnonFive Ransomware is a program that will probably not infect you any time soon because its command and control server was taken down, but there is a chance that the program might come back some time later. Hence, it is always better to be ready, rather than get infected unawares. In case you have a computer infected with this application, you can scroll down to the bottom of this description for the manual removal instructions. However, we would like to emphasize that the best way to fight ransomware applications is to remove them with licensed security tools as they can detect and delete all the malicious files at once.
It is very likely that this program spreads through spam email attachments. Actually, that is the most common ransomware distribution method, so there is nothing surprising about that. What is surprising, however, is the fact that users tend to open email messages from unfamiliar senders because they think those message may have something useful. Also, these spam email messages come with attachments that masquerade as legal documents you must open no matter what. While most of the spam emails go straight into the Junk folder, these well-crafted messages can also land in your main inbox, too.
How can you tell spam message apart from an actual email? Normal, spam emails that deliver ransomware programs look like invoices from online stores. They may also pretend to carry a notification from a financial institution. So if you have not bought anything lately, and if you are not expecting a message from your bank, you should not open those emails. Also, the spam emails come with attachments, while the actual notifications from legal bodies will probably display the important information within the actual message. Legal institutions know the risks posed by email attachments, so they usually try to avoid them sending them.
Now, what do we know about AnonFive Ransomware? We know that the program is based on the open source Hidden Tear ransomware, and thus it falls into a long list of other ransomware applications that are also created with the Hidden Tear code. It means that whoever used AnonFive Ransomware to infect users must have customized this application according to their likes and preferences. Also, the there might be no public decryption tool for the application because it was working just for a short period of time. It is rather discouraging for users who still have files encrypted by this program.
Although the program’s life-span was rather short, it still managed to encrypt target files using the AES encryption algorithm. And we know that when you have files affected by this algorithm, it is virtually impossible to decrypt them unless you have the unique decryption key. Needless to say, the only ones who would have the key were the criminals. The program would also drop a ransom note in a READ_IT.txt file on your desktop. The ransom note says that you have to send 0.5BTC or around $500USD to a give Bitcoin address, and then you would be able to restore your files.
Of course, since the program’s command and control server is taken down, there is no way to contact the people behind AnonFive Ransomware, and thus you cannot receive the decryption key even if you do pay the ransom. Even if it were possible to contact these criminals, computer security experts would still be strongly against your paying the ransom. Think about it: If you pay the ransom fee, you help these scammers continue their dirty work, enabling them to infect even more users. Hence, you should remove AnonFive Ransomware from your system immediately without even considering paying the ransom.
It should not be hard to delete AnonFive Ransomware because you just need to remove the file that launched the infection. It will probably be in your Downloads folder. When you delete the file, scan your computer with the SpyHunter free scanner just to be sure you have removed all the malware elements.
As for your files, you need to delete the encrypted ones, and then look for healthy copies of your data. You probably have at least part of them stored in an external hard drive, or maybe you saved some of your files on some cloud storage or in your outbox. Please check out all the potential options to retrieve as many files as possible.
How to Remove AnonFive Ransomware