SecretSystem Ransomware may lock your screen and claim it has enciphered all your files. Luckily, there might be no reason to panic as the research reveals the malware only claims to have encrypted your data, while in reality, all files on the computer should remain undamaged. This does not surprise us since the instructions left by the malicious application’s creators do not even say where to transfer the ransom. Infections like SecretSystem Ransomware are created only to extort money from unfortunate users who accidentally get their systems infected, so providing concrete instructions how to transfer the ransom is essential. Therefore, the lack of such important detail makes us think the threat might be not yet fully developed. Further, in the text, we will provide more information about the malware. We would also advise you to use the recommended deletion steps available below or a legitimate antimalware tool to eliminate the malicious program.
The research shows that SecretSystem Ransomware was programmed to encipher data with the following extensions: 3gp, .ahok, .apk, .asp, .aspx, .avi, .encrypt, .doc, .docx, .flac, .html, .jpeg, .jpg, .MOV, .mov, .mp4, .mp3, .php, .png, .ppt, .pptx, .psd, .rar, .raw, .txt, .wav, .wma, .wmv, .xls, .xlsx, .zip. As you can see, its targeted data is mostly personal files like pictures, videos, audio files, documents, etc. Moreover, if the malicious application would encipher these files they would have an additional extension called .slvpawned, so if your files do not have such an extension, you should be able to open them normally.
What’s more, it appears to be that SecretSystem Ransomware might enter the computer with the help of the user himself who unknowingly launches a file carrying the infection. Such a file could be received while clicking malicious pop-up ads, downloading software from untrustworthy sources, or opening suspicious data sent via email. As soon as the user opens the infection’s launcher, it should place a message on a blue screen that looks like the Windows update screen. It should look rather suspicious that the system started updating itself so suddenly. Nonetheless, if you continue waiting till the non-existing updates are being installed, the malware should lock the screen and show you demands from the cyber criminals who developed the threat.
The ransom note says these hackers want to receive payment in Bitcoins ($500 worth), but like we said earlier the note does not mention the account such a payment should be transferred to. Thus, not only there are no reasons to pay the ransom, but also no means. What is left to do is to unlock the screen and remove SecretSystem Ransomware from the system so you could use the computer normally again. Our computer security specialists advise unlocking the screen by restarting the PC in Safe Mode with Networking. That way you can have two option to erase the malware. Firstly, you could try to locate its data on your own while following the second part of the instructions located below the text. The other option is to acquire a reliable antimalware tool which could detect the threat and help you delete it. Either way, do not hesitate to write a comment bellow or contact us via social media if you are having any trouble removing the malware.
Windows 8/Windows 10
Windows XP/Windows Vista/Windows 7