- Slow Computer
- System crashes
- Normal system programs crash immediatelly
- Connects to the internet without permission
- Installs itself without permissions
- Can't be uninstalled via Control Panel
A new ransomware infection LightningCrypt Ransomware has been discovered by specialists at pcthreat.com recently. Cyber criminals launched it on the 25th of May, 2017, so its infection rate is still quite low, but, of course, everything might change soon. Although this ransomware infection is a recent product of cyber criminals, there is not much new we can say about it because it works like other threats in the ransomware category. That is, it illegally enters the system, encrypts important files it finds there, and then demands a ransom. At the time of writing, the developer of LightningCrypt Ransomware wants 0.17 Bitcoin (~ $417) from users, but they should not give a cent to them because the chances are small that users will get their files decrypted after sending the money required. What specialists recommend victims of ransomware infections do instead is to remove them as soon as possible. These threats cannot be kept active on systems because they can strike again and encrypt new files. Also, they might help new threats to crawl into the system easier.
LightningCrypt Ransomware is an ordinary ransomware infection encrypting files. When users launch its file ChkDsk.exe (it has this name not without reason – it pretends to be a harmless disk checker), it scans the system, find where users’ important files are located, and, finally, encrypts those all files without mercy. It only encrypts documents, text files, music, videos, images, and some other files, which means that Windows files will not be ruined and your system will continue working normally after its successful infiltration. The only thing that will be different is your files – they will have a new extension .LIGHTNING appended to them, and, unfortunately, you could not open any of them. What you will also see is a new .txt opened, new Desktop background set, and a black window opened on your Desktop. Last but not least, three new files will be created by the ransomware infection on your computer: LightningCrypt_Recover_Instructions.txt, LightningCrypt_Recover_Instructions.png, and LightningCrypt_UniqeID.txt. Thanks to new Desktop background, a black window opened, and .txt files created by ransomware, users find out quickly what cyber criminals expect them to do. It is not surprising at all that LightningCrypt Ransomware demands money because that is all ransomware infections do. If you believe that it is the quickest way to get files back, you are wrong. Many users get nothing after sending money to cyber criminals, and we do not want you to be one of them. Therefore, we recommend removing LightningCrypt Ransomware the moment you discover it on your computer. Do not worry; it is not impossible to unlock files without the special decryptor. For example, you can recover them from a backup (if you back up your files periodically), or you can wait till specialists release a free decryption tool.
It is already clear that LightningCrypt Ransomware always enters computers illegally. Two distribution methods are adopted the most commonly to disseminate it: 1) it might travel as an attachment in spam emails and start working on users’ PCs the second they open it; 2) it might be promoted on a file-sharing page as an ordinary program. Even experienced users find it hard to protect their PCs from malicious software, so, in the opinion of security experts, all inexperienced users must have a security application active on their PCs. As long as they update it periodically and keep active, no malware could cause problems to them.
Remove LightningCrypt Ransomware as soon as possible if you have arrived at a decision not to send money to cyber criminals. Your files, unfortunately, will not be decrypted, but you necessarily need to erase this infection from your PC because it will continue performing activities on your system, for example, it might keep connecting to such URLs as rammichael.com/downloads/7tt_setup.exe, lupa-romana.de/blog/tag/marcus-antonius/, and arizonacode.bplaced.net. You can delete it either manually or automatically – it depends on you which of these methods you adopt. Instructions for the manual removal of ransomware are provided below, but if you decide to erase it automatically, you will need to acquire an automated malware remover – click on the Download button you see below to get a free diagnostic antimalware scanner.
Remove LightningCrypt Ransomware
Start your PC in Safe Mode
Delete the ransomware infection