Get the 411 on Spyware
EnybenyCrypt Ransomware Removal Guide
EnybenyCrypt Ransomware is a dangerous computer infection that belongs to the Hidden Tear family. It comes from the same group as PTP Ransomware, BlackWorm Ransomware, XCry Ransomware, and many other applications. It is easier to deal with a familiar program, but it doesn’t mean that this infection is any less dangerous than unknown ransomware apps. It can still turn your world upside down. Thus, it is necessary to remove EnybenyCrypt Ransomware from your system as soon as possible. While you are at it, you should also look for ways to secure your computer against similar intruders in the future because ransomware will try to strike again.
It is very likely that EnybenyCrypt Ransomware was created from the Crypt888 Ransomware code. We can make such an assumption because this program uses the Crypt888 Ransomware extension when it encrypts files. Usually, when ransomware programs encrypt user’s data, each affected file receives an additional extension. It allows us to know, which files were encrypted, and it also works as a stamp of the infection in question. Although it would be really easy to tell, which files were encrypted because the file icon changes automatically, since the system can no longer read them.
As for the ransom note, EnybenyCrypt Ransomware doesn’t use an extensive text to convince users that they have to pay the ransom fee. It merely says the following:
Your files was encrypted with AES-256 Millitary Grade Encryption
Contact to rsupp@protonmail.ch or im flush your files to toilet and fuck using my dick!
Despite the lack of decent grammar, it is a rather eloquent message that basically says you have to contact these criminals if you want your files back. We don’t know how much they want from you because the ransom is not indicated, but it is very likely that the criminals could request different amounts depending on who gets infected.
Would paying the ransom help you restore your files? It is highly unlikely. Since EnybenyCrypt Ransomware comes from the Hidden Tear family, it is possible that there is a public decryption tool available for this application. However, the program was released so long ago, that the likeness of these criminals replying you is very low. Not to mention that doing what you are told by these criminals is never an answer. Security specialists are adamantly against paying the ransom too, because that would only encourage cybercriminals to create more infections.
Finally, it is important to note that prevention is probably the best preemptive measure that should protect you from ransomware infections. Just like most of the ransomware programs out there, EnybenyCrypt Ransomware is very likely to be distributed via spam email attachments. Spam email attachments that carry ransomware often look like legitimate documents, and users open them without any second thought. However, it would be a good idea to scan downloaded documents with a security tool before opening them, especially if they came from unknown senders. Spam emails are very sophisticated nowadays, so you have to be careful to avoid malicious scams.
Luckily, it is rather easy to remove EnybenyCrypt Ransomware from the infected system. You just need to delete the most recently downloaded files that could have been the ransomware installers. As for your files, you should be able to restore them if you have a data backup. You just need to delete the encrypted files and then copy and paste the healthy copies back into your computer. If you do not have a data backup, you should explore other file recovery options. Do not hesitate to address a professional if you find yourself and your wit’s end.
How to Remove EnybenyCrypt Ransomware
- Delete suspicious files from Desktop.
- Navigate to the Downloads folder.
- Delete the most recent files from the folder.
- Press Win+R and type %TEMP%. Click OK.
- Remove the most recent files from the directory.
- Scan your system with SpyHunter.
