Delete The Enjey Ransomware And Restore Your Computer (Virus Removal Guide)

The Enjey ransomware is a new malware which has been recognized as being descendant from the RemindMe ransomware, read our removal guide to learn more about it.

Enjey Ransomware Description

The security community has alerted us of a new discovery – the Enjey ransomware. According to the initial analysis it is descendant of the RemindMe ransomware threat. At the moment we do not who is responsible for its creation – hacker or hacker collective.

What we know is that it follows the usual behavior associated with similar viruses – it uses an encryption cipher to target various user data and then extort the victims for a ransomware payment.

Upon infection the virus fist contacts the remote C&C servers and initiates a network connection to report of the compromised host. The Enjey ransomware reports information about the system to the attackers such as the computer’s name and local settings.

When the encryption process is started the virus affects the most popular file type extensions associated with documents, photos, videos, configuration files, databases and etc. When this is done a ransomware note is crafted (in a README_DECRYPT.txt file ) and shown to the user. It reads the following message:

Hello, your personal identity:[redacted] All of your documents, photos, databases and other important data has been encrypted. TO get a decoder, please contact me by e-mail: [email protected] In the message write the following: ” Hey, I need a decoder + your personal identifier You will receive Bitcoin wallet, which will need to pay.
If you have no sitcom wallet – create a sitcom wallet https://blockchain.info/wallet/#/signup—dobj – Buy cryptocurrency. – Https://en.bitcoin.it/wiki/Help:FAD (for beginners),
Attention!
– Do not try to do something on their own, you can lose all your data! – Do not rename all files are encrypted!

All affected data receive the following extension: [email protected]. The ransomware note is fairy typical for these types of viruses – it scares the users and attempts to trick them into paying the ransomware sum. Do not attempt to pay the hackers. There are several case scenarios which have been reported by the experts:

  • The Criminals Receive The Payment And Do Not Restore The Files – As the payments are done via the Bitcoin currency they are pratically anonymous and untraceable. In the majority of cases the hackers receive the payment and then do not answer or restore the files of the victims.
  • Partial Restoration – The hackers restore some of the user’s data to show that they have begun decryption. However they do not restore everything.
  • Further Malware Infections – The hackers can introduce additional threats to the infected hosts.

These are the reasons why we recommend that everyone use a quality anti-malware tools to remove existing infections and protect their computers.

Enjey Ransomware Distribution

The captured Enjey ransomware samples are still very little in volume and the security experts cannot judge which are the primary infection methods.

The following options are the probable sources as they are the most popular ones:

  • Email Scams – Computer hackers typically use phishing messages to infect the victims via popular scams. The emails pose as being from a well-known company or a government institution. The viruses may either be attached directly to the message or linked somewhere in the body.
  • Download Sites and BitTorrent trackers – Various hacked or hacker-controlled sites are a popular source of viruses. BitTorrent trackers are notorious for distributing them.
  • Exploit Kits and Trojans – Direct attacks can institute additional malware installations such as the Enjey ransomware.
  • Dangerous Scripts and Browser Extensions – Malicious web scripts available on hacked sites, ad networks and browser hijackers can lead to a serious infection. The dangerous browser extensions (also known as hijackers) can infect the host computer with all sorts of viruses due to their behavior. They change the default search engine, new tabs page and homepage to point to a hacker-controlled site or portal.

Summary of the Enjey Ransomware


Name
Enjey Ransomware

File Extensions
[email protected]

Ransom
Varies

Easy Solution
You can skip all steps and remove Enjey Ransomware ransomware with the help of an anti-malware tool.

Manual Solution
Enjey Ransomware ransomware can be removed manually, though it can be very hard for most home users. See the detailed tutorial below.

Distribution
Spam Email Campaigns, malicious ads & etc.

Enjey Ransomware Ransomware Removal

STEP I: Start the PC in Safe Mode with Network
This will isolate all files and objects created by the ransomware so they will be removed efficiently.

    1) Hit WIN Key + R

Windows-key-plus-R-button-launch-Run-Box-in-Windows-illustrated

    2) A Run window will appear. In it, write “msconfig” and then press Enter
    3) A Configuration box shall appear. In it Choose the tab named “Boot
    4) Mark “Safe Boot” option and then go to “Network” under it to tick it too
    5) Apply -> OK

Or check our video guide – “How to start PC in Safe Mode with Networking

STEP II: Show Hidden Files

    1) Open My Computer/This PC
    2) Windows 7

      – Click on “Organize” button
      – Select “Folder and search options
      – Select the “View” tab
      – Go under “Hidden files and folders” and mark “Show hidden files and folders” option

    3) Windows 8/ 10

      – Open “View” tab
      – Mark “Hidden items” option

    show-hidden-files-win8-10

    4) Click “Apply” and then “OK” button

STEP III: Enter Windows Task Manager and Stop Malicious Processes

    1) Hit the following key combination: CTRL+SHIFT+ESC
    2) Get over to “Processes
    3) When you find suspicious process right click on it and select “Open File Location
    4) Go back to Task Manager and end the malicious process. Right click on it again and choose “End Process
    5) Next you should go folder where the malicious file is located and delete it

STEP IV: Remove Completely Enjey Ransomware Ransomware Using SpyHunter Anti-Malware Tool

Manual removal of Enjey Ransomware requires being familiar with system files and registries. Removal of any important data can lead to permanent system damage. Prevent this troublesome effect – delete Enjey Ransomware ransomware with SpyHunter malware removal tool.

SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter

STEP V: Repair Windows Registry

    1) Again type simultaneously the Windows Button + R key combination
    2) In the box, write “regedit”(without the inverted commas) and hit Enter
    3) Type the CTRL+F and then write the malicious name in the search type field to locate the malicious executable
    4) In case you have discovered registry keys and values related to the name, you should delete them, but be careful not to delete legitimate keys

Further help for Windows Registry repair

STEP VI: Recover Encrypted Files

SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter

How To Restore Enjey Files

    1) Use present backups
    2) Use professional data recovery software

      Stellar Phoenix Data Recovery – a specialist tool that can restore partitions, data, documents, photos, and 300 more file types lost during various types of incidents and corruption.
    3) Using System Restore Point

      – Hit WIN Key
      – Select “Open System Restore” and follow the steps


restore-files-using-system-restore-point

    4) Restore your personal files using File History

      – Hit WIN Key
      – Type “restore your files” in the search box
      – Select “Restore your files with File History
      – Choose a folder or type the name of the file in the search bar

    restore-your-personal-files-using-File-History-bestecuritysearch

      – Hit the “Restore” button

SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter

How disturbing is this problem?

Avatar

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.


Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *