Click on screenshot to zoom
Danger level 6
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Comrade Ransomware

Comrade Ransomware, or Comrade HT Ransomware as some malware researchers named this infection, can strike hard and encrypt your precious files before you could even realize that you have been hit by this malicious threat. Our research shows that this new ransomware belongs to the Hidden Tear "family," i.e., a growing group of ransomware programs built on the open-source Hidden Tear program. Some of these infection can actually be decrypted and you can find a tool for them on the web but, in this case, we have not found any yet. This does not mean that malware hunters will not come up with a possible recovery tool but we cannot know when or if at all. What we know now is that you may easily lose your important files if you do not have a recent backup. We do not recommend that you comply with the demands and transfer the ransom fee because you can never know if these crooks will send you the decryption key or just disappear with your money. If you do not have an extra few hundred dollars to waste, we advise you to remove Comrade Ransomware as soon as possible.

If you find this dangerous program on your system, it is quite likely that you have recently opened a spam e-mail and clicked to view its attachment. This is the most usual way to get infected with this and other ransomware programs as well. Users may believe that their spam filter is an effective way to weed out all malicious mails; however, you may have noticed that even important and legitimate mails can end up in your spam folder, which require your own judgment to decide whether they are for real or just junk. This is when the victims of this threat make the first mistake and they click to open this spam.

It is not easy to spot this spam and consider it as malicious right away. These cyber crooks know exactly how to make you want to open this spam; they use subjects that would not let you doubt its authenticity. Once you open this mail, which you may believe is regarding an issue with an unsettled invoice, you will not get enough information but instead, you are pushed to view the attached file. However, when you click to see this file, you practically initiate this malicious attack and there is no way back from this point. Even if you delete Comrade Ransomware after you realize what has happened, this will not recover your files. This is why it is so important that you only open mails that you expect or ones that come from trusted senders. Whenever in doubt, you should send a mail to the sender to find out if it is safe for you to open the mail and its attachment.

This ransomware is similar to most of its peers in the sense that it also attacks your important files, including your photos, videos, audios, documents, and databases because these are mainly the ones that can cause these biggest possible damage to you and thus they represent the biggest incentive for you to pay up. The encrypted files get a new extension, ".comrade" that clearly shows how many of your files have been affected if you run a search in your File Explorer. After the encryption is done, you will find the ransom note file named "DECRYPT_FILES.txt" on your desktop.

This file contains information about this attack as well as how you can recovery your files by paying for the decryption key. You have to transfer 480 US dollars in Bitcoins (0.06 BTC at the moment) to an address provided in this note. Once done, you have to write an e-mail to "" and wait for the reply, which is supposed to contain your decryption key. You need to be quick because you are only given 1 single day to transfer and contact these criminals. Nevertheless, we do not advise you to do so because you cannot actually know if you get the key or not. To be frank, it is more likely that you will lose your money, too, or that you will get infected by another dangerous threat. We strongly recommend that you delete Comrade Ransomware from your PC as soon as you can.

We have prepared an easy-to-follow guide below this article for you if you would like to manually take care of this dangerous infection. Fortunately, this threat does not lock your screen and does not disable your main system processes either so it is not that difficult to eliminate it from your system. It is possible that you would like to employ an automated solution that could also defend your PC from future malicious threats. Therefore, we suggest that you download and install a trustworthy malware removal application, such as SpyHunter or any other that you find best for your purposes.

Remove Comrade Ransomware from Windows

  1. Tap Win+E to launch the File Explorer.
  2. Delete all suspicious files you have saved lately from all your download folders.
  3. Bin "%USERPROFILE%\Documents\Windows.exe"
  4. Empty the Recycle Bin.
  5. Tap Win+R and enter regedit in the box. Click OK.
  6. Delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Windows_Defender" value name (value data: "C:\Users\user\Documents\Windows.exe")
  7. Close your editor.
  8. Reboot your computer.
Download Spyware Removal Tool to Remove* Comrade Ransomware
  • Quick & tested solution for Comrade Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.