Do you know what DetoxCrypto Ransomware is?
DetoxCrypto Ransomware seems to be one of those ransomware infections that are either underdeveloped or released into the wild a tad too soon. The program looks like your average ransomware program, but it certainly presents us with a puzzle because it does not seem to encrypt your files at all. Nevertheless, the program does not disappear automatically, so you will have to remove this ransomware yourself. It is not a complicated task, but if you feel you might not be up for it, you can always delete the infection with a security application.
It is not exactly clear how this infection spreads around, but it is known that the payload can be deployed via a spam campaign that impersonates popular social networks. For example, the spam messages that spread this infection may look like notifications from Facebook, Twitter, Instagram, Amazon, PayPal, and so on. When the message comes with such a trademark name, it is far more likely that a user will be convinced to download the attached file. As a result, the infection will enter a target computer.DetoxCrypto Ransomware screenshot
Scroll down for full removal instructions
An interesting thing about this program is that there are at least two variants of the ransomware: PokemongGo and Calypso. Meaning, the two mentioned infections fall under the same umbrella. As far as the PokemonGo variant goes, it happens to be almost identical to the other Pokemon GO Ransomware application we have covered earlier. However, the difference is that the DetoxCrypto Ransomware infection sports a different ransom message that has a picture of sad Pikachu. This message says the following:
ALL YOUR FILES AND DOCUMENTS HAVE BEEN ENCRYPTED!!
YOUR DOCUMENTS, PHOTOS, DATABASES AND OTHER IMPORTANT FILES HAVE BEEN ENCRYPTED AND A UNIQUE UNLOCK KEY IS GENERATED!!
YOU CAN ONLY UNLOCK YOUR FILES BY BUYING THIS KEY FROM US, THERE IS NO OTHER WAY TO OR UNLOCK YOUR FILES!
HOW TO UNLOCK MY FILES?
You need to send 3 Bitcoins to our Bitcoin Wallet address.
Albeit the message does not sound too bad for someone who is not familiar with Bitcoins, but the sad truth is that three bitcoins amount to more than $1700USD. No one should ever pay a single cent to these cyber criminals, especially if the program does not even manage to encrypt the target files.
However, there is a possibility that this program might be able to affect user files in the future because we were able to find out which file types it targets. The list is actually pretty extensive, and it includes such file types as 3GP, .7Z, .APK, .AVI, .BMP, .CDR, .CER, .CHM, CONF, .CSS, .CSV, .DAT, .DB, .DBF, .DJVU, .DBX, .DOCM, ,DOC, .EPUB, .DOCX .FB2, .FLV, .GIF, .GZ, .ISO .IBOOKS,.JPEG, .JPG, .KEY, .MDB .MD2, .MDF, .MHT, .MOBI .MHTM, .MKV, .MOV, .MP3, .MP4, .MPG .MPEG, .PICT, .PDF, .PPS, .PKG, .PNG, .PPT .PPTX, .PPSX, .PSD, .RAR, .RTF, .SCR, .SWF, .SAV, and many others.
How to avoid such infections? First, seeing how DetoxCrypto Ransomware uses the Pokemon keyword to infect unsuspecting users, you should be careful about what you download from the Internet. If PokemonGo is still not available in your location, you should think twice before download an illegal version, because that might be the ransomware infection.
If you are downloading various supplements and additional features, make sure they come from the official Pokemon GO developer. Just because you see a message with “Pokemon GO” topic in your inbox, it does mean you should click it without any second thought. Make sure it comes from a reliable source; otherwise, you will be forced to deal with severe computer infections.
In order to remove DetoxCrypto Ransomware, you will have to delete several files associated with this program. While you are at it, you should also scan your PC with the SpyHunter free scanner and see whether there are more unwanted applications on-board. The chances are that you might have downloaded more potentially unwanted and dangerous programs on your PC while you were surfing the web.
After manual removal, protect your system from other severe threats by investing in a legitimate computer security tool of your choice. It will function as a firewall between your system and the nasty intruders from the outside.
How to Remove DetoxCrypto Ransomware
- Delete recently downloaded files associated with Pokemon.
- Press Win+R and type %USERPROFILE%. Click OK.
- Go to Downloads folder and delete the Pokemon folder.
- Press Win+R again and type %APPDATA%. Click OK.
- Go to Microsoft\Windows\Start Menu\Programs\Startup.
- Delete the Pokemon.exe file.
In non-techie terms:
Always think twice before you install something unfamiliar on your PC, or open a file sent by unknown senders. You might get infected with DetoxCrypto Ransomware in process, and then you would have to deal with one of the most prevalent types of computer infections nowadays. Luckily, DetoxCrypto Ransomware is not as dangerous as it seems, but it does not mean you can take it lightly. Delete this program immediately and protect your PC from other threats.