Tilde Ransomware Removal Guide

Threat Level:
Rate this Article:
Comments (0)
Article Views: 1143
Category: Trojans

We have recently tested Tilde Ransomware and in this article, we will tell everything you need to know about it. From the outset, this program is dedicated to encrypting your files and asking you to pay a ransom for the decryption key that you might not ever get. Therefore, it is recommended that you remove it from your computer. Unfortunately, a third-party decryption tool that could help you get your files back for free is yet to be developed. Regardless, you should not allow yourself to be bullied by cyber criminals, which is what the developers of this ransomware truly are. We have a lot of interesting information about this infection, so, without further ado, let us jump into it.

When this ransomware infects your computer, it immediately scans its hard drives for file formats that it can encrypt and then go to work. This ransomware is capable of encrypting close to a hundred file formats which include the most popular image, video, audio, and document files. It uses a secure AES (Advanced Encryption Algorithm) cipher to encrypt them and, thus, render them inaccessible. Tilde Ransomware’s main file is named randomly, and the name does not appear to follow any predictable patterns. The file gets dropped to the location of your choice as it is known to be included in a file archive. It does not make a copy of itself to hide deep in your computer’s OS. When it encrypts the files, it appends their names with the ~ symbol which indicated that the file had been encrypted.

After the encryption process is complete, the ransomware creates multiple files named _RECOVER_INSTRUCTIONS.ini that are put into every folder where a file was encrypted. Furthermore, it will change the desktop wallpaper to an image named img.bmp that is dropped in %TEMP%\Simple_Encoder. Take note that Simple_Encoder is another name for Tilde Ransomware and they can be used interchangeably. Both of these files serve as ransom notes that tell you what to do next. Of course, it offers you to purchase the decryption key from the cyber criminals. Its price is only 0.8 BTC. Does not look much, does it? But, when you convert this sum to US dollars you get 521.6 dollars. Now this is a substantial amount of money, and you should ask yourself whether it is worth paying. We are of the opinion that paying the ransom is a risk because you might not get the promised decryption key. Before we move on to the removal guide, let us take a look at how this ransomware is disseminated.

We have found that like so many ransomware-type infections, Tilde Ransomware too is distributed using email spam. Its developers have set up a server dedicated to sending email spam to random email addresses. The emails may be disguised as invoices or receipts from international companies. The emails contain a file archive that requires you, the user to open or extract and run the featured program. The executable file can be disguised as a PDF file that can trick users into thinking that it is indeed real and safe.

After analyzing this ransomware, we have come to the conclusion that it is a real danger to your computer. If you do not have an anti-malware tool, this infected can easily get onto your computer and render your files inaccessible. Currently, there is no way to decrypt the files for free, but we do not recommend paying because you might not receive the decryption software anyway. All you can do at this point is to remove Tilde Ransomware, and you can do this by following the simple instructions provided below.

Removal instructions

  1. Delete this ransomware’s main file from its location (e.g. Downloads folder, desktop)
  2. Then, hold down Windows+E to open File Explorer.
  3. Enter %TEMP%\Simple_Encoder in the address box and press Enter.
  4. Delete all of the _RECOVER_INSTRUCTIONS.ini files.
Download Remover for Tilde Ransomware *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter.

Tilde Ransomware Screenshots:

Tilde Ransomware
Tilde Ransomware


Your email address will not be published.


Enter the numbers in the box to the right *