EnkripsiPC ransomware is a malware threat that is of unknown origin, it encrypts target user data and appends the .fucked extension to the compromised files. Learn more about it in our removal guide.
Name |
EnkripsiPC |
File Extensions |
.fucked |
Ransom |
0.5 Bitcoins |
Solution #1 |
You can skip all steps and remove EnkripsiPC with the help of an anti-malware tool. |
Solution #2 |
EnkripsiPC ransomware can be removed manually, though it can be very hard for most home users. See the detailed tutorial below. |
Distribution |
Spam Email Campaigns, malicious ads & etc. |
EnkripsiPC Ransomware Description
EnkripsiPC Ransomware is a new malware threat that was recently reported by security experts. This virus uses the typical behavior pattern of encrypting target user files and appending the .fucked extension.
The ransomware is also known as IDRANSOMv3 and Indonesian Ransomware v3. The criminal developer responsible for the code is known as humanpuff69.
A machine-translated version of the Indonesian ransomware note reads the following:
EnkripsiPC (PC Encryption)
All your files are encrypted
Assalyamaleykum Wr Wb (User)
We encrypt all files
therefore, your files can not be opened
and all your files with the extensions .fucked
to restore all the files
Please send us, so that we
provided the code to restore
all your files
If you say something you do not do anything
never be disclosed in your data
as long as you do not pay us
it’s just so many of us do
Vassalamaleykum Wr Wb (User)
—
“Restore my files!” Button
—
How to recover files
1. Ask for an unlock code here to contact
LINE: manusiapartGS
Facebook: muhammad.f.nazeeh
Youtube: humanpuff69
email: [email protected]
[email protected]
muhlubaid69 @ gmail .com
ID KOMPUTER = WMMT / RM
2. Contribute to the redemption of this amount:
Rp 50.000 – Rp 100.000
3. If this is done the billing code will be provided to you, which you must enter here to restore files
[Click “BUKA” button]
EnkripsiPC Ransomware Distribution
The first malware samples of the EnkripsiPC Ransomware were detected in December 2016. It primarily targets Indonesian-speaking users by identifying the systme locale setting.
The virus is distributed as an infected binary file which poses as a legitimate software installer or an update.
EnkripsiPC Ransomware Removal
For a faster solution, you can run a scan with an advanced malware removal tool and delete EnkripsiPC completely with a few mouse clicks.
STEP I: Start the PC in Safe Mode with Network
This will isolate all files and objects created by the ransomware so they will be removed efficiently.
-
1) Hit WIN Key + R
- 2) A Run window will appear. In it, write “msconfig” and then press Enter
3) A Configuration box shall appear. In it Choose the tab named “Boot”
4) Mark “Safe Boot” option and then go to “Network” under it to tick it too
5) Apply -> OK
Or check our video guide – “How to start PC in Safe Mode with Networking”
STEP II: Show Hidden Files
-
1) Open My Computer/This PC
2) Windows 7
-
– Click on “Organize” button
– Select “Folder and search options”
– Select the “View” tab
– Go under “Hidden files and folders” and mark “Show hidden files and folders” option
3) Windows 8/ 10
-
– Open “View” tab
– Mark “Hidden items” option
4) Click “Apply” and then “OK” button
STEP III: Enter Windows Task Manager and Stop Malicious Processes
-
1) Hit the following key combination: CTRL+SHIFT+ESC
2) Get over to “Processes”
3) When you find suspicious process right click on it and select “Open File Location”
4) Go back to Task Manager and end the malicious process. Right click on it again and choose “End Process”
5) Next you should go folder where the malicious file is located and delete it
STEP IV: Remove Completely EnkripsiPC Ransomware Using SpyHunter Anti-Malware Tool
SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter
STEP V: Repair Windows Registry
-
1) Again type simultaneously the Windows Button + R key combination
2) In the box, write “regedit”(without the inverted commas) and hit Enter
3) Type the CTRL+F and then write the malicious name in the search type field to locate the malicious executable
4) In case you have discovered registry keys and values related to the name, you should delete them, but be careful not to delete legitimate keys
Further help for Windows Registry repair
STEP VI: Recover Encrypted Files
-
1) Use present backups
2) Restore your personal files using File History
-
– Hit WIN Key
– Type “restore your files” in the search box
– Select “Restore your files with File History”
– Choose a folder or type the name of the file in the search bar
- – Hit the “Restore” button
3) Using System Restore Point
-
– Hit WIN Key
– Select “Open System Restore” and follow the steps
STEP VII: Preventive Security Measures
-
1) Enable and properly configure your Firewall.
2) Install and maintain reliable anti-malware software.
3) Secure your web browser.
4) Check regularly for available software updates and apply them.
5) Disable macros in Office documents.
6) Use strong passwords.
7) Don’t open attachments or click on links unless you’re certain they’re safe.
8) Backup regularly your data.
SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter