NOT_OPEN_LOCKER Ransomware Removal Guide

NOT_OPEN_LOCKER Ransomware is not exactly a unique ransomware infection since it is a new version of Everbe Ransomware. In fact, NOT_OPEN_LOCKER Ransomware is only one of several existing versions of this malicious application, and, as research conducted by specialists at 411-spyware.com has shown, it shares similarities with the previously-released versions. They all lock files on victims’ computers after the successful entrance. Then, they all demand money from users. NOT_OPEN_LOCKER Ransomware is probably no exception because it drops a file with a message after encrypting data on the affected computer. It tells users that they can only unlock their data with the decryption program. The message does not have the decryptor’s price indicated, but users get instructions to send an email to the provided email address to get “full instructions how to decrypt all your files.” It is very likely that these instructions have the following steps: 1) to purchase Bitcoin and 2) send it to the provided Bitcoin Wallet. It seems that it is not that hard to convince users to make a payment, but you should know that it is not clever at all to send money to malware developers. First, you might not get anything from them no matter what you do. Second, the piece of software received might turn out to be completely useless. Needless to say, crooks will not give the money back to you in this case. Last but not least, you should know that some components of NOT_OPEN_LOCKER Ransomware will stay on your computer even if you purchase a decryptor and unlock your files.

NOT_OPEN_LOCKER Ransomware is definitely not the only ransomware infection that locks files; however, if it is the computer threat you have encountered, you will see the .[notopen@countermail.com].NOT_OPEN extension appended to all your files. Also, the text file !_HOW_RECOVERY_FILES_!.txt will be placed in all affected directories on your PC. Can you locate it? If so, you have already fallen victim to this ransomware infection. If extremely important files have been locked, you should send an email with your unique ID to notopen@countermail.com. Do not expect to get the decryptor for free. It is more likely that you will be asked to pay for it instead. Usually, decryptors that can unlock files encrypted by ransomware infections are not cheap. Also, not all users receive it after they transfer money, so we cannot guarantee that you could unlock your personal files even if you make a payment. What about the alternative file recovery methods? Unfortunately, NOT_OPEN_LOCKER Ransomware deletes Shadow Volume Copies once it is executed, which suggests that restoring files from a backup might be the only way to fix files without the special tool. You should back up all your files regularly so that you would not lose them if it ever happens that new malicious software ever infiltrates your computer successfully.

NOT_OPEN_LOCKER Ransomware is a standard threat that locks files on victims’ computers. There is nothing unique about its distribution too. Researchers say that it should be mainly spread via spam emails. Malware usually travels as an email attachment, but it might be planted on your PC after you click on the malicious link too. While malicious email campaigns are used to promote malware the most commonly, cyber criminals might also drop bad applications on users’ computers if they ever manage to hack their RDP connections. It is easier than you think, especially if you have set weak credentials for the RDP you use. Last but not least, if you download files from torrent and similar websites quite often, you might download ransomware and other nasty threats yourself. It would be best to avoid downloading software from suspicious websites, but we know well how hard it may be to recognize an unreliable website and malware masqueraded as ordinary software, so we highly recommend installing reputable security software.

As research has clearly shown, NOT_OPEN_LOCKER Ransomware deletes itself from the affected system when it locks files on it and drops a ransom note. It does not mean that you will not need to do anything – you will still have to eliminate the ransom note it has dropped from all affected directories. It is also advisable to perform a scan with a reputable antimalware scanner since there might be more than one malicious application active on your system. A reliable malware remover will delete them all for you in no time.

Delete NOT_OPEN_LOCKER Ransomware

1. Open Windows Explorer
2. Open all affected directories (i.e. those directories containing encrypted files) one by one.
3. Delete !_HOW_RECOVERY_FILES_!.txt from all of them.
4. Launch an antimalware scanner and perform a full system scan.