Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel Ransomware

Ransomware infections are one of the most prevalent threats these days. Our specialists detect new threats almost every day too. Ransomware is the newest crypto-threat they have come across. It is not very popular, so the chances are not very high that you will ever find it on your computer, but, of course, you still need to be cautious because the successful entrance of this ransomware infection always results in the loss of personal files (e.g., pictures, documents, videos, music, etc.). Ransomware infections are designed to encrypt users’ files so that cyber criminals could obtain money from them easily. If you are reading this article because your files have already been encrypted too, you should not even think about transferring money to crooks. Surprisingly, the ransom note dropped by Ransomware does not demand a ransom right away, but we are sure you will be told that you need to pay money for the decryption of your files when you contact cyber criminals. You can send them to decrypt for free 3 encrypted files, but you should not pay money for the decryption of the rest of locked files because malicious software developers might take your money but do not give you a tool to decrypt your files with. They will not return your money to you in such a case either.

No doubt Ransomware is the one responsible for encrypting your files if you find a new extension appended to these files you cannot open. Surely, it is definitely not the only sign showing that the ransomware infection has successfully infiltrated your computer. After its entrance, you will also find a new file Readme.txt on Desktop. This file is a ransom note that tells users why they cannot open their files: “Access to your files was limited.” Also, it explains how users can get their files back. Unlike a bunch of other ransomware infections analyzed by our specialists, it does not demand a ransom at first. Users are simply told to contact the author of this infection:

To return your files you have 72 hours. Write to us.

Our contacts.

Our email:

You can contact them and send 3 files “each no more than 2 MB” to get them decrypted for free, but you should not pay a ransom to cyber criminals. The size of the ransom will be told, and you will get payment instructions if you write an email to the provided email address. You should not transfer money to malicious software developers even if the ransom they demand is very small because the chances are very high that your files will stay as they are. In other words, you might still not be able to decrypt your files after paying the ransom. We cannot promise that all users could decrypt their files for free, but there is a way to restore them – these encrypted files can be restored from a backup after the removal of the ransomware infection.

If you have already found Ransomware on your computer, it is very likely that you have opened a malicious attachment from a spam email. Ransomware infections are often spread via spam emails, but it is only one of several distribution methods that might be adopted to promote them, so we do not think that it will be very easy for you to ensure your system’s maximum protection alone. To put it differently, we recommend that you install a security application on your computer too. If you keep your system unprotected, another crypto-threat might enter your system without your knowledge and lock your personal files one more time. Ransomware is a simple crypto-threat. As has been noticed, it does not drop any files and does not make any modifications in the system registry. It is good news for you because it means you could remove this threat from your system quite easily. Speaking specifically, you just need to remove the malicious file launched. Since it has a random name, it might not be very easy to find it. Because of this, we recommend that you remove all recently downloaded files. They should be located in %USERPROFILE%\Downloads and/or %USERPROFILE%\Desktop. Ransomware removal guide

  1. Open Explorer (press Win+E simultaneously).
  2. Delete all recently downloaded files from Desktop (%USERPROFILE%\Desktop) and the Downloads (%USERPROFILE\Downloads) folder.
  3. Empty Recycle bin.
Download Spyware Removal Tool to Remove* Ransomware
  • Quick & tested solution for Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.