CoNFicker Ransomware Removal Guide

Do you know what CoNFicker Ransomware is?

CoNFicker Ransomware is the newest infection to join the family of malicious ransomware. It joins File Security Protected Ransomware, BlackRose Ransomware, and many other dangerous threats that have two main tasks: To encrypt your personal files and to demand a ransom fee. According to the latest research, the malicious ransomware we are discussing in this report – strangely, it shares the name with the infamous CoNFicker worm – can use spam email attachments to spread across the web. Also, it could be distributed with the help of exploit kits, as well as malicious downloaders. In any case, the installer of the infection is either camouflaged or hidden altogether, and you are unlikely to notice it. Needless to say, if you open the launcher without even realizing it, the infection starts encrypting your files, and it appears that a couple of minutes is enough for this threat to encrypt many files on your PC. Unfortunately, once that is done, you are unlikely to recover your files even if you remove CoNFicker Ransomware.

According to our research team, CoNFicker Ransomware can encrypt quite a few files running on your computer. It even can encrypt .exe files, which is not something all ransomware infections are capable of. By encrypting .exe files, the threat can disable applications, including your browsers. Of course, the malicious ransomware evades all Windows files that allow the operating system to run smoothly. After all, if the PC was crashing, the creator of CoNFicker Ransomware would not reach the goal of making you pay a ransom. As soon as the encryption is complete, you should notice that all of your precious personal files have the “.conficker” extension appended to their names. The good news is that the ransomware does not rename files, which means that you can assess the damage. Right after the encryption is done, the infection changes the Desktop wallpaper to introduce the victim to a ransom request. The same request is also represented via a file called “Decrypt.txt” that is also placed on the Desktop.

The creator of CoNFicker Ransomware wants you to pay a ransom of 0.5 bitcoins – which is around 600 USD or 570 EUR – to 1sUCn6JYa7B96t4nZz1tX5muU2W5YxCmS, which is a Bitcoin Address used by cyber criminals. According to the message, if you pay the ransom, you also need to confirm that by emailing Conficker-decryptor@mail.ru. Since it is impossible the decrypt files using third-party software or even manually, paying the ransom might be the only option for you. Well, that is unfortunate because this option is very precarious. You must understand yourself that cyber criminals are unpredictable, and they cannot be held accountable for not providing you with a decryptor after you pay the ransom. So, since there is a risk of losing the money, you need to think very carefully about your next step. After that, you need to make sure that you get CoNFicker Ransomware deleted ASAP.

It is crucial that you delete CoNFicker Ransomware from your operating system because it is a malicious infection that can do a lot of harm. Cyber criminals are standing behind this threat, and you cannot expect anything good from them. Although they promise to decrypt your files after you pay the ransom, that is not guaranteed, and so paying the ransom is extremely risky. Hopefully, you can eliminate the infection without any worry because your files are securely backed up. When it comes to removal, check out the guide below, or use anti-malware software. We advise choosing the latter option if you also want to have your operating system guarded against ransomware and other types of malware in the future.

Remove CoNFicker Ransomware

  1. Find the launcher file (if you cannot find it, use anti-malware software).
  2. Right-click the file and choose Delete.
  3. Right-click and Delete the ransom file called Decrypt.txt.
  4. Empty Recycle Bin to get rid of all elements of the malicious ransomware.
  5. Install a trusted malware scanner to examine your PC for malicious leftovers.

In non-techie terms:

If the malicious CoNFicker Ransomware slithers into your operating system, your files get encrypted without you even knowing it. Right after that, the demands to pay a ransom show up, and you have to decide whether you pay it or kiss your files goodbye. If your files are backed up, of course, you can recover them, but you must do that after you remove CoNFicker Ransomware. What if backups do not exist? If they do not, you might look into paying the ransom, but remember that that is very risky. Ultimately, you need to get rid of the infection, and we advise using anti-malware software that can also guard your operating system thereafter. If you are interested in manual removal, check out the guide above.