.dian File Extension Ransomware

'.dian File Extension' Ransomware is a dangerous computer infection that can enter your PC secretly and encrypt many of your valuable files. Its creators want you to pay them money for a decryption key, but you should not pay them because there is no guarantee that they will hold their end of the bargain and send you the decryption program. Therefore, you ought to remove this program instead of complying with the cybercriminals’ demands. This ransomware has no user interface, and it will inform you about the encryption by dropping a ransom note into each folder in which files have been encrypted. However, the sum to be paid is no specified and, we think, it can vary between cases. For more detailed information, read this article.

While there is no concrete information on how this ransomware is disseminated, we believe that its creators may use more than one distribution channel. Of course, email spam is the usual suspect because it is the most popular and effective distribution method to date. '.dian File Extension' Ransomware’s creators might have set up an email server that sends fake emails with this ransomware to ransom email addresses. The emails can be disguised as something legitimate and intriguing. The ransomware is probably zipped and attached as a fake invoice or receipt. Naturally, the file format of choice should have been to disguise this ransomware as PDF file. Alternatively, this program’s developers might use malicious software bundles or infected websites with security exploits to infect your PC secretly after visiting an exploit-featuring site.

If your PC becomes infected with '.dian File Extension' Ransomware, then this ransomware will spring into action immediately. It should enumerate the files on your PC and start encrypted supported file formats. This particular ransomware should encrypt many file types that include your pictures, videos, audios, documents, applications, and so on. This program uses the Advanced Encryption Standard (AES) to encrypt your files. It should create a public encryption and private decryption keys. The decryption key is probably sent to this ransomware’s server. The keys are unique for each user. All of the encrypted files are appended with a “.dian” file extension.

Once the encryption is complete, this ransomware will drop a ransom note named ReadMeNOW.txt into each folder where files were encrypted. The note featured an email address lnq@protonmail.com that belongs to the cybercriminals. You are required to contact the cybercriminals via email to receive further instructions on how to pay the ransom which you will most likely have to pay in Bitcoins or some other cryptocurrency. You can also test the decryption by sending the criminals one file that is less than 2 MB in size.

However, you should refrain from paying the ransom because there is no telling whether the cybercriminals will send you the decryption tool. Indeed, your files can remain encrypted indefinitely. Furthermore, the sum you should pay can be too high if you did not have any important files on your PC. We recommend using SpyHunter’s free malware scanner to detect the malware and then go to their folders and remove them manually. See the guide below for more information.

Removal Guide

1. Open your web browser.
2. Go to http://www.pcthreat.com/download-sph
3. Download SpyHunter-Installer.exe and run it.
4. Launch the program and click Scan Computer Now!
5. Copy the file path of the malware from the scan results.
6. Simultaneously press Windows+E keys.
7. Enter the file path of the malware in File Explorer’s address box.
8. Press Enter.
9. Find and right-click the malicious file and then click Delete.
10. Right-click the Recycle Bin and click Empty the Recycle Bin.