The Magic Ransomware might settle in without you noticing anything and encipher all of your private files to make them unusable. This way the cyber criminals who created the malicious program are hoping to force the user to pay them for a decryptor. The truth is they may not even have such a tool, which means if you decide to pay the requested sum you might end up losing your money in vain. Consequently, our specialists advise not to take any chances and eliminate the malware at once. For this reason, they prepared deletion instructions you can find if you slide a bit below the article. Of course, before you see the instructions we invite you to read the rest of our report and get to know The Magic Ransomware better and not to make any rash decisions. What’s more, should you have more questions about the infection or want more help with its removal, you could leave us a comment at the end of this page.
The Magic Ransomware should infect the system after the user unknowingly opens its launcher. The malware’s launcher could be any file you downloaded from unreliable sources. For instance, it might be an email attachment sent by someone the user is not familiar with or a setup file downloaded from torrent and other doubtful file-sharing web pages. Naturally, if you do not wish this to happen again, you should try to be more careful with suspicious data and try not to visit potentially malicious web pages.
After the malware infects the system, it should create a copy of its launcher named as local.exe in the following location: %HOMEDRIVE%\user\rand123. Our researchers say the folder called rand123 should be created by The Magic Ransomware and it might be titled the same on all affected computers. Soon after local.exe is placed in the mentioned directory, the original launcher might be removed by the infection itself. The next malicious program’s task is to encipher data important to you, e.g., photographs, text or other documents, video files, and so on. It should not be difficult to separate the locked data since besides being unable to open it you should see there is a second extension applied to the file’s title (e.g., bird.jpg.locked).
Furthermore, when the valuable files are enciphered The Magic Ransomware should drop a file called READ_IT.txt. Inside of it, the user could find a text written in Italian. In short, it says you need to pay a ransom in Bitcoins, and the decryptor will be sent to you right after the payment is made. Needless to say, this could be a lie, and since it is not explained how the decryptor will be sent to you precisely, we are even more convinced the cyber criminals are trying to trick users. This is why we strongly advise against paying the ransom. Thus, if risking your savings does not seem like a good idea, we recommend eliminating The Magic Ransomware either with the deletion instructions provided below this paragraph or a reliable antimalware tool of your preference.