BeethoveN Ransomware

No matter how much you love classical music, BeethoveN Ransomware will hit you hard as this malicious program can encrypt all your personal files so you will not be able to use, open, and view them anymore. The attackers want to extort hundreds of dollars from you in exchange for the private key that can automatically decrypt your files. But how could you trust the ones that attacked you with this vicious program in the first place? Why would you believe that they will send you anything after you transfer the ransom fee? Well, unless you have a backup on a removable drive or in a cloud storage place, there is no chance as of yet to decrypt this ransomware with any free tools. We cannot claim that no such program will emerge on the web in the near future but so far malware hunters have not come with a solution at the time of our research. In any case, we recommend that you act now and remove BeethoveN Ransomware from your system. But before you rush to do so, let us explain more about this dangerous program.

It is possible that you infected your computer with this threat by opening a spam e-mail. In fact, it is not the opening that triggered this malicious attack; although, there are indeed ransomware threats that can automatically drop and activate by your opening the mail itself. This ransomware has been reported spreading as a malicious attachment. This means that you may find this spam mail very important even if it shows up in your spam folder. Crooks use either existent or made-up sender names and e-mail addresses that may strike you as completely legitimate. The subject field is another important part of the deception and it usually regards an issue that would seem urgent to you. Such matters include overdue invoices, unpaid fines, credit card issues, and so on. Most people could not possibly refrain from opening such a spam and download its attachment to view it as soon as possible. However, once you run this file, you can say goodbye to your personal files. Keep in mind that if you delete BeethoveN Ransomware, you will not recover your encrypted files automatically.

You also need to be careful when you are downloading free programs and updates from suspicious file-sharing websites or when these are offered by third-party pop-up ads. One wrong click and you can drop this infection onto your system. The web is swarming with unreliable ads that you should never engage with; even more so when these are displayed on shady websites. However, when your computer is infected with adware, you should be even more careful whenever you go online because such an infection can also show you unsafe ads that could drop this infection. We also need to mention the possibility that you land on a malicious page created with Exploit Kits that can trigger the drop of this ransomware. This method only works if your browsers or drivers are out of date. Therefore, you can easily avert this by always keeping these updated.

When you launch the malicious executable of this malicious infection, it targets your most important personal files right away, including your photos, documents, videos, archives, and databases, and encrypts them using the AES-256 algorithm combined with RSA-2048. These tow algorithms applied together result in a virtually impossible-to-crack decryption key. This does not mean, of course, that malware hunters do not try to find a way around it, but it might take some time till they can come up with a free file recovery tool. You can easily recognize the encrypted files as they get a “.BeethoveN” extension. Anyway, you can also find out about the encrypted files by opening the “FILELIST.txt” text file on your desktop. As a matter of fact, there are already two versions of this threat even though it is merely one month old. There are some minor differences between the two, for example the encrypted file list is called “FILEUST.txt” in the original version and there is some difference in the ransom note as well.

When the attack is over, the ransom note program window comes up on your screen. In the updated version an e-mail is mentioned, “SK1CU3SE3FI7L@yandex.ru,” where you need to send an email with your Reference ID that you can also find in this window. Then, you are supposed to get further instructions about the money transfer. If you do not send $400 worth of Bitcoins, which is supposed to be “negotiable,” within 168 hours, your private key will be deleted. We do not recommend that you send this amount to these criminals because this could be just money down the drain, not to mention the fact that you would support cybercrime, too. Even if you do not have a backup, it is important that you remove BeethoveN Ransomware from your system.

Fortunately, this ransomware does not lock your screen so you can easily close the ransom note window by pressing the Alt+F4 combination. Once done, you need remove a Windows registry entry and the related files from your system, and that is all. If you need help, please use our guide below. Hopefully, you see now why it is so important to think about prevention and protection. If you do not feel to have the required skills and web surfing savvy, we suggest that you install a reliable malware removal application like SpyHunter that can take care of all your system security problems automatically. Your peace of mind could really be a few click away.

How to remove BeethoveN Ransomware from Windows

1. Press Win+R and type regedit. Click OK.
2. Locate and delete the malicious entry “HKEY_CURRENT_USER\Environment\SAVETHETREES”
3. Exit the editor.
4. Press Win+E.
5. Locate BeethoveN.exe and FILELIST.txt (or FILEUST.txt), and delete them.
6. Remove all recently downloaded suspicious files.
7. Empty your Recycle Bin.
8. Reboot your PC.