SuperCrypt Ransomware - How To Remove?
SuperCrypt Ransomware is a very dangerous infection targeted to users from Europe. The main target of this ransomware is Windows Servers with Windows 2003 and Windows Server operating systems. The scheme of SuperCrypt ransomware is really similar to all other ransomware – firstly it encrypts files on server and then users are asked to pay a ransom in order to retrieve those files. As you know usually very important files are stored in those Windows servers. This means users just can’t afford to lose them and that’s why they are willing to pay that fee asked by SuperCrypt. They get scared that they can lose them for good and that push them to paying ransom. It’s extremely difficult (or should I say impossible) to remove this ransomware manually because it disappears once those files are encrypted. It is really hard to prevent getting infected with this ransomware as well.
All files encrypted by SuperCrypt ransomware will be changed to .SUPERCRYPT extension. You will also find a note placed on a desktop called HOW-TO-DECRYPT-FILES.txt. There you will find a step-by-step instructions what you have to perform in order to retrieve your files. Message looks like this:
If you’re reading this text file, then ALL your FILES are BLOCKED with the most strongest military chiper.
All your data – documents, photos, videos, backups – everything in encrypted.
The only way to recover your files – contact us via email@example.com
Only WE have program that can completely recover your files.
Attach to e-mail:
- Text file with your code (“HOW TO DECRYPT FILES.txt”)
- One encrypted file (please dont send files bigger than 1 MB)
We will check your code from text file and send to you our CONDITIONS and your decrypted file as proof that we actual have decrypter.
The FASTEr you’ll CONTACT US – the FASTER you will RECOVER your files.
We will ignore your e-mails without attached code from your “HOW TO DECRYPT FILES.txt”
If you haven’t received reply from us – try to contact us via public e-mail services such as Yahoo or so.
If you complete these instructions, you will receive instructions how to pay a ransom and retrieve all of your files. You will be asked to pay 300 Euro via Bitcoin or Ukash vouchers. Please take in consideration that there are no guarantees that your file will be decrypted, if you pay the ransom. However, any of anti-virus applications are not able to remove this ransomware at the time and that decrypter for 300 Euro offered by cyber criminals seems to really work. So incase you don’t have any backup of your files stored in external hard drive or anywhere else, you will probably will have to pay the ransom to retrieve your files. It’s also almost impossible to protect your system from this infection once you are a direct target of the hackers. However, there are some cyber security aspects about this ransomware that you should be aware of. SuperCrypt may infiltrate additional malware to your system and it will stay even after you pay the ransom. That’s why you should scan your system with a trustworthy anti-malware program, such as Reimage, SpyHunter, Malwarebytes or Stopzilla.
Update: the decrypter is now available at here: link. You can download it for free and successfully decrypt your files.
Important Note: Although it is possible to manually remove SuperCrypt Ransomware, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Reimage or other tools found on 2-viruses.com.