Godsomware v1.0 Ransomware

Ransomware infections are no doubt nasty PC threats, but it may not be that bad if the ransomware infection you have encountered is Godsomware v1.0 Ransomware. The thorough analysis conducted by our experienced researchers has revealed that this particular infection does not encrypt files on victims’ computers, which suggests that it may not be released with the intention of obtaining money from innocent computer users. Of course, it does not mean that Godsomware v1.0 Ransomware is completely harmless. Its presence may still be a pain in the neck because it creates an entry in the Run registry key that enables it to start working on system Startup. As a consequence, a window with a message this threat opens will be visible every time you turn on your computer. Yes, you could remove it out of your sight by pressing Alt+Tab or Win on your keyboard and thus continue using your computer normally, but we are sure you will sooner or later realize that closing it every time you want to use your PC is an extremely annoying task. Also, if the threat stays active, you could not access your CMD and Task Manager too since they get disabled upon the Godsomware v1.0 Ransomware entrance. To be honest, we see no reason you should keep it on your system. As mentioned, it does not mean that the ransomware infection that has not locked your private data is not dangerous at all.

Ransomware infections belong to the group of computer threats that enter users’ computers silently. Godsomware v1.0 Ransomware is no exception, but its entrance is hardly invisible because it not only disables several system utilities, but also places a window in full-screen with a short message for users. The message is written in red letters, and it is opened for only one purpose – to inform users that their “important files are encrypted.” As mentioned, at the time of analysis, this threat did not encrypt a single personal file, so it is very likely that this message is only opened to scare users. You can check the condition of your files after accessing your Desktop (tap the Windows key on your keyboard). A bunch of tiny error pop-ups are opened by Godsomware v1.0 Ransomware as well. Once they are closed, the main ransomware window shows up. It contains a considerably longer message if compared to the primary black window with a message in red. Users are not only informed about encrypted files, but also find out how they can “decrypt” them. As it is stated in the message, clicking the Decrypt button should decrypt some files for free, but the payment for the decryption of all other encrypted files must still be submitted in 3 days. After that time, the decryptor’s price will be doubled. Luckily for you, no files have been encrypted on your system, which means that you do not need to send Bitcoin to cyber criminals in order to get special decryption software as well. Of course, you must still delete the ransomware infection from your system fully.

We do not have much information about the Godsomware v1.0 Ransomware distribution. It is possible that it is not distributed at all. Of course, this might change when the ransomware infection is fixed and starts encrypting files on victims’ computers. If you have not encountered this malicious application yet, you should take certain security measures to protect yourself while you still can. First, do not open any malicious attachments from spam emails from now on. Second, download software you know can be trusted 100% and make sure you get it from its official website. Third, you will considerably reduce the chance of encountering malicious software if you do not click on random links you find on third-party websites. If you do not consider yourself a very cautious person, you can install an antimalware tool on your PC instead. It will protect you from harm 24/7/365.

You cannot keep even the smallest infection active on your system, so if you have already encountered Godsomware v1.0 Ransomware, you must erase it even if this threat has not caused you any problems. There are a few removal steps you will have to take to get rid of it fully. First, enter a key (29b579fb811f05c3c334a2bd2646a27a) to close the ransomware window and enable system utilities the ransomware infection has disabled. Second, you will need to kill the malicious process. Third, you will have to remove a malicious entry from the Run registry key. Finally, a malicious file that launches Godsomware v1.0 Ransomware must be eliminated from the system.

How to delete Godsomware v1.0 Ransomware

1. Click the Decrypt button and enter 29b579fb811f05c3c334a2bd2646a27a in the box.
2. Once your screen is unlocked, press Ctrl+Shift+Esc.
3. Open Processes.
4. Locate and kill the malicious process that belongs to Godsomware v1.0 Ransomware.
5. Launch Run (tap Win+R).
6. Type regedit and click OK.
7. Access HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run.
8. Right-click on the Godsomware v1.0 Value and click Delete (open the location it is pointing to first).
9. Locate the malicious file in the opened directory.
10. Delete it.
11. Empty your Recycle Bin.
12. Scan your system with an antimalware scanner to make sure the ransomware infection is fully removed.