How to Remove Amnesia 2 Ransomware

Jun 23rd 2017 - by Fix My PC FREE in: Blog Virus Removal | 0 Comment

ATTENTION, PLEASE!

Malware may reinstall itself multiple times if you don't delete its core files. This may require tracking down dozens of files in different locations.

We recommend downloading Advanced System Repair to eradicate Malware for you (it should cut down the time to about 15 minutes).

>> Download Advanced System Repair <<

What is Amnesia 2 Ransomware?

This ransomware could be one of your worst nightmares ever. As this threat can encrypt your files to make them inaccessible to you until you pay them the demanded ransom. The Amnesia 2 ransomware is a slightly newer and more improved version of the original Amnesia ransomware and was first discovered in early June, 2017. This cyber infection was spread through spam email attachments that have been terrorizing many users lately.

This ransomware variant does not only append the new extensions .01 and .02 but also jumbles up your files to make it even more difficult for you to recover them. It also changed its ransom note’s file name from HOW the TO the RECOVER the ENCRYPTED files.txt to a clearer file name, RECOVER-FILES.HTML as you can see below. This new note looks polished compared to the first one which is a clear indication that this is an improved version of the Amnesia ransomware.

Its predecessor, Amnesia ransomware, carries out a typical Trojan tactic which involves encrypting the victim’s files and then demanding the ransom. The Amnesia 2 ransomware is quite the same, except that this newly improved version uses a strong encryption algorithm in encrypting the files and like stated, after the encryption it also jumbles up your files to make it even harder for you to recover them. Luckily, a decryption tool was recently developed by Emisoft so there is no need for you to panic and pay the crooked cyber criminals. This tool can be obtained online and for free. However, if you are not quite familiar with distinguishing a suspicious software to a genuine one, then it is not advised that you do such thing for you might end up adding more malicious infection if you download the wrong tool or an infected one on your computer the instead of eliminating it.

The distribution method of the Amnesia 2 ransomware is through the use of corrupted text files that contain macro scripts designed to download and install the ransomware unto your computer. For instance, those corrupted text files will be sent to your email as a spam email disguising as an important document to lure you into opening it. The other way in which this infection could be distributed is through the so-called Remote Desktop Protocol or RDP attack which means that these cyber criminals can get into your computer and gain access by hacking it and once they did, they use RDP to monitor and control your computer to drop an infection like the Amnesia 2 ransomware.

The distinguishing differences between the Amnesia and Amnesia 2 ransomware is that the new one uses an improved encryption algorithm as well as new file extensions like stated at the beginning of this article. So without further adieu, you can remove this troublesome ransomware using the following complete set of instructions below.

Eliminating Amnesia 2 ransomware:

Step 1: Open the Windows Task Manager by pressing Ctrl + Shift + Esc. Go to the Processes tab. Locate suspicious processes that can be related to the Amnesia 2 ransomware.

Right-click on them and select Open File Location then scan them using any up-to-date antivirus. After opening each folder, end the infected processes and delete their folders.

Step 3: Open Control Panel by pressing Start key + R to launch Run and type appwiz.cpl in the search box and click OK.

Look for the Amnesia 2 ransomware or any suspicious program that might be related to it and then click Uninstall.

Step 4: Go to the System Configuration. To do so, click the Windows button and type msconfig in the search box and hit Enter Proceed to Startup and unmark items with an unknown manufacturer.

Step 5: Hold down Windows + E keys simultaneously.

Step 6: Go to the directories listed below and delete everything in it. Or other directories you might have saved the file related to the Amnesia 2 ransomware.

  • %USERPROFILE%\Downloads
  • %USERPROFILE%\Desktop
  • %TEMP%

Step 7: Look for the html file or the corrupted text file of Amnesia 2 ransomware named RECOVER-FILES.HTML or any malicious file that could be related to the Amnesia 2 ransomware.

Step 8: Right-click on it and click Delete.

Step 9: Perform a full system scan using an excellent antivirus and anti malware program like SpyRemover Pro. This will help you get rid of any residues that the Amnesia 2 ransomware might have left out as well as prevent infections like that from getting into your computer again in the future.

Step 10: Empty your Recycle Bin and then restart your PC.

No Comment

Leave a Reply

Name Required

Website