Click on screenshot to zoom
Danger level 6
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Gedantar Ransomware

Gedantar Ransomware may infiltrate your system and attack your precious files by taking them hostage. This vicious ransomware program can cause serious devastation on your system if you have infected it with a working version. It seems now that there could be a couple of versions on the web so it makes us assume that this threat could still be in a development state and doing trial runs. This ransomware seems to attack mostly Russian computer users, that is why the ransom note is in Russian, of course. Russian cyber criminals usually do not demand high fees but it is still not considered safe to contact them and pay them any amount of money. Such cyber crooks are more likely to attack you again with further threats than providing you with a decryption tool or key. Your only savior in this case is a recent backup of your files you may keep in cloud storage or on a portable drive.

If you find out that this serious threat has managed to slither onto your system, it is important for you to also find out how it is possible. This is the only way for you to be able to avoid similar invasions in the future. One of the main distributions methods we have found for this ransomware is spamming campaigns. This simply means that these attackers send out thousands of spam emails to potential victims as bait. This email can be quite deceptive and you may actually believe that it is urgent or important for your to see the content. This spam may regard an issue with a FedEx parcel that could not be delivered for some reason, a parking fine you have not settled yet, suspicious transactions detected on your bank account, and the like. These are usually matters that would really matter to anyone really. This is why so many victims fall for this trick. But there is one important thing you need to keep in mind. When it comes to such a ransomware infection, most of the time, you cannot save your files from being encrypted. Even if you delete Gedantar Ransomware in the end, it does not mean that your files will be restored automatically.

It is also important for us to mention other possible methods how you may infect your system with such a dangerous threat. For example, one common mistake inexperienced users may make is not to update their browsers and Java and Flash drivers regularly. This can give cyber criminals an opportunity to drop severe threats like this on your computer. How? They can use so-called Exploit Kits like RIG on malicious websites specifically designed for this. So when you click on an unsafe or corrupt third-party link or ad on a questionable website, it is possible that you get redirected to such a website. Before you know it, this ransomware can take all your important files hostage in the background. You will have no choice but remove Gedantar Ransomware and possible lose all your files to encryption.

The working version of this ransomware program applies the RSA-2048 encryption algorithm to encode your files. Obviously, this threat targets your personal files like photos, documents, archives, and databases to strike your hard enough to make you want to pay for getting them back. This malware infections is not known to add a special extension; instead, it inserts eight random characters between the original name and extension. The ransom note is an image file with twenty random characters and may look something like this: "cyrbhfpocxkivihsidue.jpg." This ransom note is written in Russian language, so it is most likely that it only targets Russian speakers in post Soviet countries like Belarus, the Ukraine, and Russia. You can send a file to "" to get it decrypted for free as proof. Then, you are supposed to visit a Tor website for more information. We believe that it is always risky to write to such criminals or pay them money. If you do not want to lose your money or be threatened with the deletion of your files if you do not pay more, we recommend that you remove Gedantar Ransomware as soon as possible.

Finally, it is time to say goodbye to your attackers. We have included our guide, our solution to your severe system security issue. If you follow these steps below, you can hopefully eliminate this dangerous ransomware infection without a trace. It is possible though that this threat, no matter how dangerous it is, may not be the only one on your system. You simply may not be able to keep your computer secure due to some careless browsing habits and so on. Therefore, we suggest that you employ a reliable anti-malware program, such as SpyHunter, to automatically take care of all your system security issues now and in the future, too.

Remove Gedantar Ransomware from Windows

  1. Launch Task Manager by tapping Ctrl+Shift+Esc simultaneously.
  2. Right-click over the malicious process and select Properties from the pop-up menu.
  3. Check the path to the malicious executable in the Location field and press OK or Cancel.
  4. Click End task and close the Task Manager.
  5. Tap Win+E to launch the File Explorer.
  6. Find and delete the malicious executable.
  7. Delete all the suspicious files you may find in your default download directories (%Temp%, Downloads, and Desktop).
  8. Delete the random-name ransom notes.
  9. Empty your Recycle Bin.
  10. Reboot your PC.
Download Spyware Removal Tool to Remove* Gedantar Ransomware
  • Quick & tested solution for Gedantar Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.