- Can't be uninstalled via Control Panel
- Installs itself without permissions
- Connects to the internet without permission
- Normal system programs crash immediatelly
- System crashes
- Slow Computer
Whycry Ransomware may become a dangerous malware infection one day, but the sample that has hit the web recently seems more like a work in progress. This means that if you find out that this ransomware program has infiltrated your system, you may not lose your precious files to encryption after all. We have found that even the updated sample does not actually encrypt anything. The first version crashed before it could do so and the new version only locks your screen but still no encryption takes place. The source code does target almost 200 extensions, which means that a finished version could actually strike you hard. If you are infected with this version, you do not need to panic and rush to buy Bitcoins to transfer in exchange for the alleged decryption key; not that we ever advise this. You need to know that it is always risky to pay or contact cyber criminals. There is a good chance that you will never get the promised key or file recovery software; yet, instead, you may get more infections. We advise you to remove Whycry Ransomware immediately even if it does not seem to be dangerous for you at the moment.
You can infect your computer with this semi-ready ransomware program if you open a spam e-mail that has a malicious attachment. This attached file could show up as an image, a video, a document, or even as a .zip archive. No matter what file type icon you may see though, it is an executable file that when you run, you initiate this malicious attack. This spam could appear to be quite important; therefore, you may open it even if you find it in your spam folder. Do not think for a second that just because your incoming mails are filtered, it is totally safe to open any mails. You may have noticed that sometimes even official or legitimate mails end up in your spam folder. Therefore, it is possible that you go and check this folder on a just in case basis to see what newly received mail could there be. If you find a mail about an unpaid invoice, an unsettled parking ticket, and alleged credit card detail issues, you will probably want to see it. But we suggest that every time you see a questionable mail, you should contact the sender to find out whether this mail in question was really meant for you. This time you are very lucky because you can delete Whycry Ransomware and your files will not be lost like normally. Remember that it is essential that you try to prevent such threats from entering your computer because you can easily lose all your personal files in a proper ransomware attack.
Another frequent method for cyber criminals to spread ransomware infections is via malicious webpages set up with Exploit Kits. We cannot yet confirm that this particular threat is distributed this way, but we believe that it is important that you know how you can avoid such attacks. The truth is that such kits can exploit old versions of your browsers and drivers (Java and Flash). Therefore, it is only obvious that you need to keep all your browsers and drivers always updated not to get infected in this way. Sometimes it is also possible that you click on download offers that come up on your screen as pop-ups or banner notifications. Clicking on these third-party ads never end well either and you can drop a ransomware or other types of malware. No matter how you infected your machine this time, we recommend that you remove Whycry Ransomware right away.
After you initiate this attack, it locks your screen by displaying a blue screen, which turns into a grey screen with the ransom note. Then, the new version does not crash anymore as its predecessor did at this point. However, for some unknown reason, it still does not encrypt your files. We have found that the source code does include targeting almost 200 file extensions and that this infection is supposed to add ".whycry" extension to the affected files. This note asks you to transfer 300 US dollars worth of Bitcoins (around 0.07 BTC) for the decryption key so that you can recover your encrypted files. The decryption key is supposed to pop up on the left side automatically, which is claimed as an advanced technique compared to other ransomware programs. If you have the key, you need to enter it in the field below and click on the Decrypt button. As a matter of fact, we do have the key for you now ("YANGTGTDKYFWSBDAUWPMFNHBUGPFUCKYOUBITCH") with which you could unlock your files; however, you cannot even enter it in the provided input field. Still, there is no use for this code as this version leaves your files untouched.
If you want to make sure that your files are safe from a future attack, you should start saving them regularly to cloud storage or onto a removable drive. If a finished version of this or any other ransomware hits your computer, you need to be prepared to lose all your important files otherwise. Finally, let us see what you need to do to be able to delete Whycry Ransomware from your system.
First of all, you need to restart your computer because there is no other way for you to exit the screen lock. Then, you can delete the related file or files. Please use our instructions below if you want to take matters into your own hands. If you want to defend your PC from similar or worse attacks, we suggest that you start using a trustworthy malware removal application like SpyHunter. Such a security program can automatically identify all possible threats and liquidate them if always kept up-to-date and active.
How to remove Whycry Ransomware from Windows