1 of 2
Danger level 6
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Shows commercial adverts
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Cryptedx Ransomware

Cryptedx Ransomware is a new threat that can encrypt your files and thus render them unusable. Although this ransomware can encrypt most of your media files and more on your main drive, it is possible that you have a way out. We have found that this new malware infection is based on the notorious Xorist Ransomware just like Hello Ransomware and SevenDays Ransomware. Our research shows that you may be in the luck though. As a matter of fact, you may be able to use the free Xorist decryption tool, which was made available by malware hunters. But we do not advise you to try to search the web for this tool or use it yourself, either, unless you are an advanced user. If you do not have any IT savvy friends, you may want to take your PC to a professional to help you out with this infection. It is important that you do not remove Cryptedx Ransomware from your system until you decrypt your files. Otherwise, you may have to say goodbye to them for good. Of course, it is also possible that you have a recent backup stored on a removable drive, which you can use now to transfer back.

There are a couple of ways for such a ransomware to infiltrate your system. Some of these, unfortunately, require your clicks, too. For example, you may receive a spam e-mail that has an attachment, which may look like an image or text document file. You may open such a spam because you believe that it has important information for you. Why or how? Well, this spam may seem to come from the local authorities or famous companies for starters. Then, the subject line can also lead you to believe that you are dealing with an urgent matter. This can be anything that most people may relate to, such as an unpaid speeding ticket or parking fine, an unsettled invoice, a problematic online booking, and so on. Finding such a mail, even if in your spam folder, would make anyone want to see this alleged information.

However, when you open this mail, you will find no details but a link maybe forwarding you to a file storage place to download the supposed "proof" or some information regarding the attached file. The main goal of this spam is to push you to want to open this attachment since it is indeed that malicious executable. Obviously, once you view this file, you cannot delete Cryptedx Ransomware from your computer without possibly losing your files to encryption. It is only by sheer luck that this time you may be able to decrypt them using a free tool.

This ransomware infection uses the TEA algorithm to encrypt your files. This threat targets your "%HOMEDRIVE%" and encrypts all files with these extensions: html, gif, wma, htm, jpg, bmp, tar, lnk, wav, 7z, txt, LNK, cer, wmv, zip, mp3, png, and etc. All the files that have been encrypted will get a ".cryptedx" extension. This infection also drops a text file called "HOW TO DECRYPT FILES.txt" in all affected folders, which contains the ransom note. Once the operations are finished, this ransomware displays an error dialog box with the ransom note.

This note informs you that your files have been encrypted and you have to send an e-mail to "www@lass.33mail.com" in order to get further details about the ransom fee and how you can transfer it. This pop-up also warns you that you will have 5 attempts to enter the right password, or else, your files will be lost forever. If you click OK, another pop-up comes up where you can enter the password to get your files decrypted. We do not advise you to contact these criminals or to pay them any amount of money since there is no guarantee that you will be able to recover your files. The good news is that it seems that the free tool developed to decrypt the files encrypted by Xorist can also be used in this case possibly with success. After you manage to decrypt your files, although we do not recommend that you do this alone if you are not an experienced user, you can finally remove Cryptedx Ransomware from your PC.

If you are ready to take action, you can use our guide below as a reference. It is important that you take this attack seriously even if it seems to be decryptable. It is possible that this is not the only threat on your system. What is more, it is quite possible that this is not the last time you may let such infections on board. This is why we recommend that you install a reliable anti-malware program, such as SpyHunter, which can automatically protect your PC against all known threats.

How to remove Cryptedx Ransomware from Windows

  1. First, try to decrypt your encrypted files.
  2. Press Win+E.
  3. Delete "%TEMP%\{random name}.exe"
  4. Empty your Recycle Bin.
  5. Press Win+R and type regedit. Click OK.
  6. Delete these registry entries:
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|Alcmeter ("%TEMP%\{random name}.exe")
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Alcmeter ("%TEMP%\{random name}.exe")
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cryptedx
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cryptedx\OpenWithProgids\NTGQBAPSQKOSXWE
    HKLM\SOFTWARE\Classes\.cryptedx
    HKLM\SOFTWARE\Classes\NTGQBAPSQKOSXWE
  7. Exit your editor.
  8. Restart your computer.
Download Spyware Removal Tool to Remove* Cryptedx Ransomware
  • Quick & tested solution for Cryptedx Ransomware removal.
  • 100% Free Scan for Windows
disclaimer
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.