Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Mole03 Ransomware

The malicious Mole03 Ransomware is the continuation of the infamous Mole02 Ransomware that was uncovered a few months ago. This new version of the threat is almost identical, but it appears that it is spread in a different manner. While the older version was believed to spread primarily via corrupted spam emails, this new version is linked to the Rig Exploit Kit. Aside from that, the infection is pretty much identical to its predecessor, and that is why we know exactly how it works. Unfortunately, it is not one of those infections that only pose as file-encryptors. This threat actually encrypts files, and the chances are that you will not be able to revert the damage. What if you pay a ransom? That is exactly what the creator of the ransomware wants you to do, but, unfortunately, that does not guarantee anything. In fact, the only guarantee is that you will lose your money. So, should you remove Mole03 Ransomware right away, or should you try to decrypt your files first? Continue reading to find out.

According to our research, Mole03 Ransomware is most likely to be spread via one-hour.fr with the help of the Rig Exploit Kit. Once you visit the website – which you might be redirected to via a corrupted link or an offer – you should be introduced to a pop-up concealing the installer of the launcher. For example, it could be automatically downloaded as the Chrome font installer. Needless to say, different scams could be employed for the users of other browsers. If you are tricked into opening the downloaded launcher, the encryption begins right away. It appears that Mole03 Ransomware can encrypt all kinds of files (e.g., those with .txt, .htm, .png, .zip, .exe, or .jpg extensions), but it should avoid files that are essential for the smooth running of Windows. After encryption, the threat should delete itself, including the registry entries that are created by it. If that happens, you have one less problem to deal with, but, of course, the encryption of your files is a much bigger problem. Unfortunately, the files remain encrypted even if the ransomware automatically removes itself.

“_HELP_INSTRUCTION.TXT” is the name of the file via which Mole03 Ransomware introduces victims to the ransom demands. According to it, a special key is required for the decryption of the files. This key is stored on a remote server, and you cannot access it yourself. This is why you might be tempted to follow the instructions that include downloading a Tor Browser, visiting a site that is introduced to you, and then following the payment instructions. As you now know, you are unlikely to get your files decrypted by paying the ransom. Can you rely on third-party file decryptors to free your personal files? Since the threat employs strong encryption ciphers, it is unlikely that you will be able to decrypt your files using specialized software. Retrieving the decryption key in any other way is impossible as well. That means that your files might be lost for good. If you are prepared for situations like this one, your files are backed up, and your files are not lost at all.

As we have mentioned already, it is most likely that Mole03 Ransomware deletes itself after the encryption is complete, but in case that does not happen, we have created a guide that shows how to eliminate the components of this infection. Alternatively, you can employ an anti-malware tool to get the infection eliminated automatically. Needless to say, you need to take better care of your operating system once you get your PC cleaned because you do not know when the next infection could slither in. First and foremost, you need to establish reliable full-time protection. Second, you need to protect your files, and you can do that by backing them up. If you take care of these two problems, you should be able to evade serious issues in the future. Do you need our advice, or do you want to discuss the ransomware or your virtual security? Use the comments section to initiate a conversation.

Mole03 Ransomware Removal

  1. Launch RUN by tapping Win+R keys.
  2. Enter regedit.exe to access Registry Editor.
  3. Move to HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
  4. Delete the values with random names (e.g., 00FF0EBCF2F2, BC0EBCF2F2, and BC0EBCF2F2).
  5. Launch Explorer by tapping Win+E keys.
  6. Enter %ALLUSERSPROFILE% into the bar at the top.
  7. Delete the .exe file with a random name (e.g., BC0EBCF2F2.exe).
  8. Enter %USERPROFILE%\Desktop\ into the bar at the top.
  9. Delete the .exe file with a random name (e.g., A9A3FC3BCED9DDB790FAA4AB38F89E27.exe).
  10. Empty Recycle Bin and run a full system scan to check for leftovers.
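
The manual checks in steps 3 to 9 can also be run as a read-only audit before anything is deleted. The script below is an added example, not part of the original guide; the hex-name pattern is an assumption inferred from the sample names above, so review every hit before removing it.

```powershell
# Added example: list (do not delete) the leftovers described in the removal steps.
# Assumption: the "random names" are 10 to 32 hex characters, as in the samples on this page.
$hexName = '^[0-9A-F]{10,32}$'
$hits = [System.Collections.Generic.List[object]]::new()

# Steps 3-4: values in the current user's Run key whose names look like hex strings.
$runKey = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
if (Test-Path -Path $runKey) {
    $key = Get-Item -Path $runKey
    foreach ($name in $key.GetValueNames()) {
        if ($name -match $hexName) {
            $hits.Add([pscustomobject]@{
                Kind     = 'Run value'
                Location = $runKey
                Name     = $name
                Detail   = [string]$key.GetValue($name)   # command the value launches
            })
        }
    }
}

# Steps 6-9: .exe files with hex-style names in %ALLUSERSPROFILE% and on the Desktop.
$folders = @(
    $env:ALLUSERSPROFILE,
    (Join-Path -Path $env:USERPROFILE -ChildPath 'Desktop')
)
foreach ($folder in $folders) {
    if (-not (Test-Path -LiteralPath $folder)) { continue }
    $files = Get-ChildItem -LiteralPath $folder -Filter '*.exe' -File -ErrorAction SilentlyContinue
    foreach ($file in $files) {
        if ($file.BaseName -match $hexName) {
            $hits.Add([pscustomobject]@{
                Kind     = 'Executable'
                Location = $folder
                Name     = $file.Name
                # SHA-256 lets you look the file up with your anti-malware vendor before deleting it.
                Detail   = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
            })
        }
    }
}

if ($hits.Count -eq 0) {
    'No hex-named Run values or executables found in the checked locations.'
} else {
    $hits | Format-List
}
```

An empty result is consistent with the ransomware having deleted itself after encryption, as described above; it says nothing about whether files were encrypted.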