1 of 2
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

D2+D Ransomware

D2+D Ransomware is one of the many fake file-encryptors that have emerged recently. Our research team has recently been observing threats that pose as ransomware that can encrypt files, when, in reality, they can do no such thing. CryMore Ransomware and CVLocker Ransomware are few other threats that fit this description. At first sight, the threat looks like a real file-encryptor, but that is just an illusion to trick you into following demands, which is what real file-encryptors do. Hopefully, you can remove D2+D Ransomware without any consequences, but there is a risk that your Facebook account will be hijacked if you are not cautious. If you want to learn more about this, and you are interested in deleting the infection manually, we suggest reading this report.

You have to be careful when interacting with spam emails. Why? That is because they can hide the installers of ransomware. According to our research, D2+D Ransomware is not the only threat that can be concealed as a harmless-looking spam email attachment. In fact, this is how most ransomware threats are spread, and that includes seriously malicious file-encryptors as well. Immediately after the threat is executed, the infection displays a window entitled “D2+D Ransomware detected but don’t worry, this is harmless after purchase.” The window represents a message that does not look that much different from the messages used by real infections. According to it, the victim must purchase a key within 3 days to have their files decrypted. Of course, some things are out of the ordinary. For example, the message informs that you have to send 100 USD worth of Bitcoins to a seemingly bogus Bitcoin Wallet. Furthermore, discounts are promised for “poor” users, and the creator of the threat offers to buy them coffee instead of paying the ransom. None of this makes any sense.

It looks like the main goal behind D2+D Ransomware is to make you visit http://bobdinh.hol.es. The ransom note suggests that this page represents frequently asked questions, but that is not the case. Instead, it opens a page that looks identical to the regular Facebook.com login page; except that there is a notification suggesting that you need to verify your login to view the F.A.Q. page. If you enter your email address, telephone number, and password, this information will be recorded, and it is possible that it your Facebook account will be hijacked. Needless to say, that could lead to many problems. For example, a bogus message could be sent to everyone in your Friends list to expose them to malware as well. If that is not what you want, do NOT visit this website and do NOT disclose private information.

Although D2+D Ransomware should not lock your computer, there is a way to get rid of the bogus ransom note by entering “215249148” into the box above the “Unlock now” button. Once you apply this code, the fake alert should go away, but that does not mean that the ransomware is disabled as well. For as long as it is running on your PC, it can do malicious things, and so we recommend that you delete D2+D Ransomware as quickly as possible. Undoubtedly, most users will try to erase this threat manually, and that is not necessarily a bad option, but you must be certain of the file you are erasing. If you remove the wrong file, the threat might continue running without your notice. Unfortunately, we cannot give you a precise location and name of this file because these things change. Of course, if you have executed the launcher of the ransomware yourself, you should be able to delete it yourself as well.

Though manual removal might be a good option, employing anti-malware software is a great option. It will automatically delete D2+D Ransomware components, as well as other infections whose infiltration you might have overlooked. Needless to say, the most important thing about this software is that it can provide you with full-time protection, and everyone needs that. There are plenty of security backdoors that cyber criminals can use, and new security vulnerabilities are discovered all the time so that malware could become even more stealthy and unnoticeable. If you want to ensure that malicious threats cannot slither into your operating system in the future, using anti-malware software is imperative.

D2+D Ransomware Removal

  1. Locate the launcher of the ransomware ({random name}.exe).
  2. Right-click and file and then choose Delete.
  3. Empty Recycle Bin to get rid of the threat.
  4. Perform a full system scan to see if you need to erase any other malicious components.
Download Spyware Removal Tool to Remove* D2+D Ransomware
  • Quick & tested solution for D2+D Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.