Danger level 6
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Normal system programs crash immediately
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Caleb Ransomware

The name of the malicious Caleb Ransomware comes from the extension that is added to the names of the files that the infection encrypts. This extension is “.log.id[{ID}].[adagekeys@qq.com].Caleb,” and it can be added to all of the corrupted files. These include various types of document, image, and media files. The extension consists of an ID number that is unique to every victim, an email address, and the word “Caleb” at the end. According to our research team, the email address could be changed, and that could be done by different parties using the same malware code. Unfortunately, if you find such an extension appended to your files’ names, it is most likely that you can no longer read them. Even if you delete the extension, the file will remain unreadable because it was encrypted. Can you fix the issue by removing Caleb Ransomware? You cannot, but that does not mean that you should ignore this threat.

It was discovered that Caleb Ransomware is a variant of a well-known infection, Phobos Ransomware. While the attackers behind these infections are anonymous, they are likely to act the same. Quite possibly, they will employ spam email attacks and malicious bundled downloaders or exploit unpatched vulnerabilities within the system or certain software to drop the infection. Whether it is done silently or using clever tricks, you are unlikely to identify and delete Caleb Ransomware as a threat in time. If the threat invades your operating system successfully, it is likely to drop a copy of itself into the Startup folder (%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup), which ensures that the threat runs whenever the system is started. The infection is also meant to create a text file named “info.txt,” and this file is meant to deliver this message: “!!!All of your files are encrypted!!! To decrypt them send e-mail to this address: adagekeys@qq.com.” We want to remind you again that the email address could be different in your case. All in all, regardless of the address, you do not want to contact your attackers because that could cause even more security problems for you.

At first, the attackers would introduce you to a decryptor and ask you to pay money for it. Later on, they could send you spam emails that are set up to execute malware or expose you to virtual scams. Of course, if you need to have your files decrypted – which might be the case if backups do not exist – you might decide that you are ready to take the risk. Well, if you pay the ransom, you are unlikely to obtain a decryptor or whatever else the attackers might promise you. That is because the creator of Caleb Ransomware cares only about making money, and as soon as they scam you, they can move on to another victim, to a new infection, or to a different kind of scam altogether. Hopefully, you have not been duped yet, but if you have, do not think that a mistake has occurred – remove Caleb Ransomware ASAP. If you end up decrypting your files – which was not possible at the time of research – the infection still needs to be deleted. If you skip this step, your files could be re-encrypted!

You need to delete the Caleb Ransomware launcher, startup file, and ransom note file. While this does not sound like a big task, the location of the launcher is unknown, and its name is unknown as well. Due to this, you might be unable to clean your Windows operating system yourself. What should you do then? Have you heard of anti-malware software? Clearly, your system lacks protection because a malicious file-encryptor managed to slither in, and so it is high time you installed legitimate anti-malware software. While securing the system against threats is its main task, it also can remove Caleb Ransomware from your PC automatically. Once you have your system malware-free, you can connect to your backups and replace the corrupted files. If you do not have this luxury, remind yourself to back up files in the future. Also, do not forget that security backdoors and clever tricks could be used to execute new infections, and so you must educate yourself on how malware spreads too.

Caleb Ransomware Removal

  1. Delete recently downloaded suspicious files.
  2. Tap the Win+E keys to access Windows Explorer.
  3. Enter %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup into the quick access field.
  4. Delete suspicious files that belong to the infection.
  5. Delete the file named info.txt (copies might exist in multiple locations).
  6. Empty Recycle Bin once you believe that all malicious files are eliminated.
  7. Install and run a trusted malware scanner to check if your system is 100% free from malware.
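
A read-only triage sketch for steps 3 to 5, added here as an example (it is not code from this site or from any removal tool): it lists what sits in the Startup folder, flags info.txt files that actually contain the note's wording, and collects files carrying the .id[...].[...].Caleb suffix. Function names are hypothetical, and treating the leading ".log" of the sample extension as part of the original file name is an assumption.

```python
import os
import re
from pathlib import Path

# Suffix described on this page: .id[{ID}].[e-mail].Caleb. The address is
# captured, not hard-coded, because the page says it can differ per campaign.
CALEB_RE = re.compile(r"\.id\[(?P<id>[^\]]+)\]\.\[(?P<email>[^\]]+)\]\.Caleb$", re.I)
NOTE_MARKER = "all of your files are encrypted"  # wording of the note quoted above


def parse_caleb_name(name):
    """Return (original_name, victim_id, email), or None if the suffix is absent."""
    m = CALEB_RE.search(name)
    return (name[:m.start()], m.group("id"), m.group("email")) if m else None


def has_note_text(path):
    """info.txt is a common file name, so confirm the content before flagging it."""
    try:
        with path.open(errors="ignore") as fh:
            return NOTE_MARKER in fh.read(4096).lower()
    except OSError:
        return False


def triage(root, startup_dir):
    """Read-only scan of root and the Startup folder; nothing is deleted."""
    report = {"startup": [], "notes": [], "encrypted": [], "emails": set()}
    if Path(startup_dir).is_dir():
        # desktop.ini is normally there; every other entry needs a manual look
        report["startup"] = sorted(p.name for p in Path(startup_dir).iterdir()
                                   if p.is_file() and p.name.lower() != "desktop.ini")
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            parsed = parse_caleb_name(name)
            if parsed:
                report["encrypted"].append(str(path))
                report["emails"].add(parsed[2])
            elif name.lower() == "info.txt" and has_note_text(path):
                report["notes"].append(str(path))
    return report


if __name__ == "__main__":
    startup = Path(os.environ.get("APPDATA", ""), "Microsoft", "Windows",
                   "Start Menu", "Programs", "Startup")
    for key, value in triage(Path.home(), startup).items():
        print(key, len(value), sorted(value)[:10])
```

The e-mail addresses it collects show whether the contact address in your case differs from the one quoted on this page, and the list of encrypted files tells you what to restore from backups after cleanup.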