Gollum Ransomware Removal Guide

Gollum Ransomware is the same as Bitshifter Ransomware. It is often referred to as Gollum Ransomware because it uses the .gollum filename extension to mark those files it encrypts. No matter how it is called, it is a harmful malicious application that slithers onto computers to lock personal files on them. It should lock all kinds of files, from documents to media files. There is a reason why it acts the way it does. Malicious software developers have programmed it to encrypt users’ personal data with a strong cipher so that they could obtain money from them more easily. Unfortunately, it was impossible to decrypt files for free at the time of writing because free decryption software did not exist. It does not mean that users must pay a ransom to cyber criminals – they can restore those affected personal files from a backup if they have backed up their data regularly. It is very important to schedule an automatic backup because there are hundreds of different malicious applications that can ruin your precious files.

Gollum Ransomware will find personal files on your system when launched. Then, all these files will be mercilessly encrypted with a strong encryption algorithm. As mentioned in the previous paragraph, encrypted files are marked with .gollum, which is appended at the end of every encrypted file. You should also find a ransom note ARE_YOU_WANNA_GET_YOUR_FILES_BACK.txt dropped on your computer. You will find out what you need to do to unlock your files if you read it. Gollum Ransomware does not differ much from other typical ransomware infections – it demands money from users. To get your files decrypted automatically, you have to send £300 to cyber criminals behind this threat. You cannot know whether you will get your files decrypted after you send money to the author of the ransomware infection. Unfortunately, you could not do anything if your files are not unlocked. Cyber criminals will not send your money back to you either. As we have already told you – encrypted files can still be restored from a backup if you are not going to pay for the decryption of files.

Gollum Ransomware has been detected only recently, so it is still extremely difficult to talk about its distribution. According to our specialists, it should not differ much from older threats. In other words, it should be mainly distributed via malicious email attachments as well. These email attachments do not look harmful at all. In some cases, they even look like important documents, which explains why so many users open them even if they know that attachments from random emails might be dangerous. Other distribution methods might be used to spread Gollum Ransomware too. You might encounter it if you frequently download applications from file-sharing websites as well because cyber criminals often upload malicious applications to such websites. Since you already know how Gollum Ransomware is distributed, it will be easier for you to prevent it from entering your system; however, we cannot guarantee that you will be safe 100%. To ensure the maximum system’s security, you should install a security application on your computer. The antimalware tool you install cannot be random security software found on the web because there is a bunch of threats pretending to be powerful antimalware software. You should also make sure your security tool gets all updates if you want it to protect you from all the newest threats.

You must remove Gollum Ransomware immediately if you have encountered it. None of your files will be unlocked, but this threat could not encrypt more personal files on your computer. You can erase it either manually or automatically. If you decide to delete it from the system yourself, and you are sure you are not an expert in malware removal, you should use our manual removal guide – you can find it a bit below. Speaking about an automated malware removal method, you must use only a 100% reliable security application to clean your system. An untrustworthy tool will only pretend to erase malware from your system fully. In the worst-case scenario, you might even find new untrustworthy applications installed on your computer without your knowledge.

Remove Gollum Ransomware manually

1. Open Explorer by tapping Win+E simultaneously.
2. Access %TEMP%.
3. Remove Network.exe.
4. Delete the ransom note ARE_YOU_WANNA_GET_YOUR_FILES_BACK.txt from all affected directories.
5. Remove all suspicious files you have downloaded recently.
6. Check the connected USB flash drive.
7. If you can locate Launcher.exe there, delete it.
8. Empty Recycle Bin.