Rebus Ransomware

Researchers at pcthreat.com monitor the web for new malicious software periodically. The most recent infection they have found is Rebus Ransomware. According to malware analysts, it is very likely that it is a new version of Scarab Ransomware. This threat has not affected many computers yet, but the total number of victims might soon increase, so it does not mean that it can never slither onto your computer too. Without a doubt, the majority of users who encounter Rebus Ransomware are those who keep their computers unprotected and act carelessly, e.g. download applications from untrustworthy websites, do not inspect links before clicking on them, and open suspicious attachments from emails they receive. If Rebus Ransomware has already infiltrated your computer, it is, of course, too late to take any preventative measures, but you can still prevent new crypto-threats from entering your computer. Make sure Rebus Ransomware is fully removed before you take any action to ensure your system’s protection.

We cannot tell you anything new about Rebus Ransomware because it is an ordinary ransomware infection that only encrypts victims’ personal files. This malicious application should lock all your images, documents, and music. These encrypted files will get the .REBUS extension appended after the encryption, so if you can already locate it at the end of almost all your files, there is no doubt that this ransomware infection has already done its dirty work, i.e. encrypted your files. You should also be able to find a new file REBUS RECOVERY INFORMATION.txt on your computer. This file contains a message to users. You will, first, find out why so many files can no longer be opened: “Your documents, photos, databases, save games and other important data was encrypted.” Then, you will find out how these files can be unlocked. Users are told that they need to have a decryption tool to be able to unlock those encrypted files. To get it, they need to write an email to rebushelp@airmail.cc or rebushelp@protonmail.com with a personal ID. Cyber criminals will respond with a Bitcoin address and the exact amount of money users need to send to them. Never pay money to malicious software developers even if it might be your only chance to decrypt your personal data because a) you do not know whether you will get the decryption tool and b) you will give crooks a reason to continue developing threats. Do not be so sure that you will not encounter them yourself in the future.

All ransomware infections demand money. They usually lock users’ screens or personal files and then ask victims to send money. We have to admit that these are nasty malicious applications that can cause a lot of problems to users. Because of this, we want to provide several pieces of advice for you to help you to prevent new ransomware infections from entering your system. First, never download applications from suspicious-looking websites. Second, do not click on random buttons/links/advertisements you come across. Third, do not open attachments suspicious emails hold. Of course, it is not always so easy to prevent malicious software. More harmful infections might be sneakier than others, and it might be extremely hard to protect the system from them all alone. Because of this, we recommend that you additionally install security software. It will protect your computer from all kinds of malicious applications 24/7/365.

It does not matter that your files have already been encrypted – you need to remove Rebus Ransomware from your computer as soon as possible. Since it is quite a simple infection, it should not be hard to delete it from the system too. Our specialists say that it will be gone after you remove all recently downloaded files from your computer and, on top of that, delete the ransom note REBUS RECOVERY INFORMATION.txt. Below this article, you will find our manual removal guide. You just need to follow it step by step to delete the malicious application from your system fully. Alternatively, an automated malware remover can be used to clean the system. If we were you, we would adopt the automatic method because it is the easiest way to delete malicious applications.

How to delete Rebus Ransomware

1. Tap Win+E.
2. Type %USERPROFILE%\Downloads in the URL bar.
3. Press Enter to access this directory.
4. Delete all suspicious files you have downloaded recently from the web.
5. Remove REBUS RECOVERY INFORMATION.txt from your computer (you should find it on your Desktop).
6. Empty Recycle bin.