Do you know what KeyHolder is?
KeyHolder is a ransomware infection that encrypts your files and demands you to pay a particular fee for the decryption key. It is a very disturbing security threat because it basically robs you off of your files and wants to take your money too. Unfortunately, there is no way to remove KeyHolder because the application simply deletes itself once it encrypts your files. The best way to protect yourself from this kind of infection is to create a system restore point and back up your files.
KeyHolder indeed comes from a group of ransomware infections because it is developed by the same people as CryptoBit, CTB-Locker, and other similar infections. The problem with these ransomware programs is that they are really just in-and-out. For example, KeyHolder is distributed by a Trojan horse that is installed as a randomly named file. It is hard to pinpoint the exact moment when this infection enters your computer because the program spreads through spam email messages and various exploits. Thus, it is possible to avoid KeyHolder infection if you do not open spam email messages or download their attachments. Also, you should stay away from unfamiliar websites that could possibly be related to malware distribution.
The Trojan that installs KeyHolder on your computer might create a file that looks like a genuine software installer. For example, it could pretend to be an Adobe Flash Player updater file. If you run the file, it connects to the web and downloads KeyHolder. Once the ransomware is installed, it encrypts various files, including .jpg, .db, .mp4, .doc, .cer extensions and many others. The problem is that the ransomware will not show any signs of infection until it is done encrypting your files, thus, you will not know of the problem until it is too late to do anything about it.
When the encryption is complete, KeyHolder will display a notification that asks for $500 if you want your files back. As far as the infection itself is concerned, it deletes itself when the files are encrypted, so there is nothing to remove. The KeyHolder message will say that you need to pay the aforementioned sum of money if you want to restore your files. While it is probable that the ransomware will issue you the decryption key if you pay the ransom, you have to realize that this way you help cyber criminals to make easy money.
If you don’t have a file backup, you should refer to computer security professionals and see whether they can salvage your files. Infections like KeyHolder only proves how important it is to keep your computer protected with a licensed antispyware tool. You should also stay away from unfamiliar websites and open email messages only from the senders you know.
In non-techie terms:
KeyHolder is a dangerous computer infection that wants to rip you off. It virtually destroys your files and asks you to pay money to restore them. Do not succumb to this threat. Call for professional help and back up your files on an external disk or a cloud drive.