EdgeLocker Ransomware is a computer infection that definitely does not enter your system with good intentions. It only slithers onto computers seeking to encrypt documents, pictures, and other valuable files. Research has shown that this malicious application is even going to encrypt .exe files. Luckily, it touches only those files that do not have a signature (e.g. Microsoft Corporation), so the Windows OS running on your computer should not be ruined. Ransomware infections act the way they do to help cyber criminals obtain money from people. Everybody knows that users are not going to send money to them willingly, so this ransomware infection gives people the reason to make a payment by encrypting files. Unfortunately, EdgeLocker Ransomware uses the RSA encryption algorithm to lock users’ files, so it might be impossible to decrypt those files without the special key. Cyber criminals say that they have it, and they are willing to send this key to users after receiving money, i.e. a ransom from them. A number of users are ready to transfer the money they have to cyber criminals to get their files back. If you are one of them too, you should know that a promise to send you the decryption key might be a lie. There are a number of cases when users receive nothing from the creator of EdgeLocker Ransomware after paying the required amount of money. Therefore, in the opinion of specialists working at 411-spyware.com, people should go to delete EdgeLocker Ransomware from their computers and then try to find a way to decrypt files without the special tool.
Once EdgeLocker Ransomware successfully enters the computer, it starts encrypting users’ files immediately. It targets %USERPROFILE% and its subfolders primarily, but it might also affect some files located in the %WINDIR% directory (it contains system files) as well. All the encrypted files receive a new filename extension .edgel and then a window is opened on Desktop when the encryption process is finished. This window contains a ransom note and it cannot be closed or moved. The only way to make it disappear is to kill the malicious process (it has the same name as the malicious file launched by a user). This ransom note informs users that their “files are encrypted by the EdgeLocker ransomware” and only “a special RSA private key” can unlock them. Of course, users are also offered to purchase it. The price of the decryption key is 0.1 Bitcoin (~ 100 USD). It would not be a huge price for a tool that could really help to get valuable files back; however, it is clear that users might not get this tool after paying this amount of money, so specialists suggest going to decrypt files in a different way rather than sending money to cyber crooks. Alternative decryption methods might not work at all, so you should not expect much. According to our researchers, the luckiest users are those who have a backup of the most important files on external storage, e.g. external hard drive because they can easily recover their files after the deletion of the ransomware infection.
This ransomware infection does not differ at all from similar threats developed some time ago: it also seeks to extort money from users, it encrypts files stored on the computer, and, finally, it enters computers without permission. Let’s talk about the distribution of this ransomware infection. Research has shown that this infection usually travels as an attachment in spam emails. Of course, it does not look dangerous, so many users open this attachment and launch the malicious file. You might quickly become a victim of another serious computer infection again if you keep opening attachments you find in spam emails. Therefore, our security specialists recommend ignoring all spam emails you get and installing a security tool you could trust too. You will be protected from all kinds of threats, including ransomware, if you do that.
Files having the filename extension .edgel appended will not be unlocked when you delete EdgeLocker Ransomware from your system, but it is still a must to eliminate it. Fortunately, it does not create a point of execution on the infected computer and does not make copies of itself, so it should not be extremely hard to delete it. If it happens that our manual removal instructions located below this article do not help you to get rid of this infection at all, go to scan your system with SpyHunter, which is a reputable malware remover that can be downloaded from our website 411-spyware.com.