Godsomware v1.0 Ransomware Removal Guide

Godsomware v1.0 Ransomware might appear like an extremely vicious threat, but according to our specialists, it only looks this way. Even though the malware may lock the user’s screen and display messages claiming all of his data was encrypted, in reality, it does not affect any data. At least the version we came across did not encrypt any files on our test computer. Also, we even found a passcode that unlocks the screen in the malicious application’s code. Thus, the malware might be trying to imitate the well-known WannaCry Ransomware, but fortunately, it is not as capable as the mentioned infection. Further, in the text, we will explain more about Godsomware v1.0 Ransomware, and if you come across it, we would recommend removing it from the system with the deletion instructions added below or a reliable security tool of your preferences.

Given Godsomware v1.0 Ransomware does not encrypt any files on the infected computer and contains the needed passcode in its program code, we suspect it could be still in the development stage. Meaning, it might not be distributed yet and the chances for you or anyone else to encounter it could be slim. Nonetheless, we will list a couple of ways of how this malware could be distributed. Probably, the most popular way so spread threats alike is to attach infected files to email messages and send them as Spam to potential victims. Usually, the system gets infected as soon as the attachment is launched, which is why we advise not to open doubtful data without first checking it with a reliable antimalware tool. Some malicious applications travel with software installers located on untrustworthy file-sharing web pages too, which is why we would recommend staying away from sites offering pirated software or unknown freeware.

Once launched, Godsomware v1.0 Ransomware should lock users screen and display a window saying: “Ooops, your important files are encrypted.” On top of it, victims could see the malware’s window that might contain a ransom note. It should claim the user has to pay to decrypt his files. To encourage the victim to pay the ransom the note might even say the hackers behind Godsomware v1.0 Ransomware guarantee the data will be unlocked. Given it was not encrypted in the first place, we recommend not to pay the ransom. In fact, we would advise against it even if the malicious application would damage your data because dealing with hackers is risky and there is always a possibility they may not keep up with their promises. One way or the other, we believe the safest option is to get rid of the infection.

There are a couple of ways to erase Godsomware v1.0 Ransomware, so you can pick the method that suits you best. If you consider yourself to be experienced with such threats, you could try to remove the malware with the deletion instructions located below. On the other hand, if you do not think you could handle this task alone, you could employ a reliable security tool. Our researchers say the screen can be unlocked if the user clicks Alt+Tab or Windows key. Afterward, you could install an antimalware tool of your choice, scan the computer with it, and let it eliminate the malicious application for you.

Get rid of Godsomware v1.0 Ransomware

1. Click Decrypt on the malware’s window and insert the following passcode: 29b579fb811f05c3c334a2bd2646a27a
2. Press enter and wait till the threat unlocks the screen.
3. Click Ctrl+Alt+Delete.
4. Select Task Manager.
5. Locate a particular process titled God Cryt v1.0.
6. Mark it and press End Task.
7. Exit Task Manager.
8. Open File Explorer (Win+E).
9. Go to these locations separately:
   %TEMP%
   %USERPROFILE%\Downloads
   %USERPROFILE%\Desktop
10. Search for a suspicious file that might be the malicious application’s installer; right-click it and select Delete.
11. Exit the Explorer.
12. Then tap Win+R and insert Regedit.
13. Click OK and navigate to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
14. Locate a value name belonging to the malware; should be named Godsomware v1.0, right-click it and select Delete.
15. Leave Registry Editor.
16. Empty Recycle bin.
17. Reboot the device.