Dedcryptor Ransomware is yet another Trojan that tends to enter systems without permission. Once it does that, it immediately encrypts personal files users keep on their computers because its main goal is to make users pay money. Unfortunately, Dedcryptor Ransomware is targeted at the most valuable personal files, including documents, pictures, slides, etc. You do not need to have much knowledge about ransomware infections to say whether the file is locked or not because Dedcryptor Ransomware will add the .ded filename extension to those files it encrypts. You should not transfer money to cyber criminals for the decryption of files even though it seems to be the quickest solution to the problem. Do not worry; specialists at 411-spyware.com say that there is another way to decrypt files. We will elaborate on the possibilities of the decryption of files further in the article. Also, you will find out whether or not you will need to delete Dedcryptor Ransomware from your computer.
As you already know, Dedcryptor Ransomware will encrypt the majority of files you have on your computer if it really manages to sneak onto the system. Research has shown that it is going to lock the following files:
.txt, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .odt, .jpg, .png, .csv, .sql, .mdb, .sln, .php, .asp, .aspx, .html, .xml, .psd, .dll, .lnk, and .pdf
Once it finishes doing that, it will create the .png file in %USERPROFILE%. This file is a simple picture that also works as a ransom note. It will be opened for you automatically after the encryption process is finished, and you will also quickly notice that it has replaced your preferred Desktop wallpaper. This .png file informs users that their files have been encrypted. Also, it informs them that they need to pay 2 Bitcoins ($1519) within 24 hours to access their files. We do not recommend doing that, so we do not think that it is a good idea to contact cyber criminals. We understand that you have important files that you want to unlock; however, we also know that you might lose $1519 and not receive the decryption key from cyber criminals in exchange. Is it worth risking losing money? We believe not, so we suggest trying to unlock files free of charge. For example, it is possible to do that if you have a backup (copies) of your most important files. Also, it is very likely that the decryption tool will be released in the future, so we suggest that you wait for it instead of transferring money to cyber criminals.
As you already know how Dedcryptor Ransomware acts, let’s talk about the distribution of file-locking Trojans. It has been observed that they usually come as spam email attachments. Even though many users know that they risk infecting their computers with malware by opening a spam email attachment, they still do that because these attachments do not seem to be bad files at first glance, for instance, Dedcryptor Ransomware pretends to be the file of the legitimate antivirus Kaspersky. It even has its logo and its name, so we cannot blame those gullible computer users. To make sure that similar infections do not enter your system again, install security software and keep it there. Also, you should ignore spam emails you receive. Last but not least, you should stay away from questionable sites and do not download software from them.
Fortunately, Dedcryptor Ransomware does not make copies of its .exe file. In addition, the malicious .exe file should disappear after the encryption process is finished. Therefore, you will only need to delete the .png file from %USERPROFILE%. Of course, it would be wise to check whether the malicious .exe file is really gone too. If you manage to find it, delete it immediately because it might encrypt your new files again quickly. Our security specialists also say that you should not forget to eliminate all other infections that might be hiding on your system. The quickest way to find them all is to scan the system with an automatic antimalware scanner, e.g. SpyHunter.