This ransomware is dubbed “Sorry virus” because of the extension it adds to the encrypted files. Yet again, it is another ransomware based on Hidden Tear ransomware project. It is the main source of ransomware infections lately, as viruses like Krypton ransomware or ScammerLocker are also based on this project.
If you are not familiar with ransomware, it is a kind of computer virus that encrypts your files with specific cryptography and then asks for a ransom in order to unlock files, so you could use them again.
In this particular case, Sorry ransomware uses symmetric encryption method, also known as AES. After it is inside of your computer, it will automatically scan all of your files to detect ones that can be encrypted.
Unfortunately, this virus can encrypt all most popular files, so your personal photos, text documents, audio and video files, etc. will be encrypted. What happens when the file is encrypted? Well, first of all, you will sure notice new extension. In this case it is “.sorry”. So if you had a file named “song.mp3”, now it will look like “song.mp3.sorry”. That is a sign that you can’t open or use that file in any other way.
Sorry virus will stop at nothing and encrypt most of your personal files. After that, you will notice a file called “How Recover Files.txt” in every folder that features encrypted files. It is a ransom note – message to you about the ransomware and how to pay the ransom. Original text of the message:
As you can see, there is little to none information about what have happened and what you should do next. They only inform you that you are welcome to contact them via email at [email protected] or [email protected]
Even if you are curious to discover the amount of the ransom or actually try to decrypt your files, we do not recommend contacting cyber criminals – that’s never a good idea. Most probably you will be asked to pay a few hundreds of dollars or even thousands. Moreover, there are no guarantees that your files will be unlocked even if you pay the ransom – we don’t know if they have abilities to encrypt files. Also, they can simply ignore you after you pay the ransom.
How did Sorry ransomware infected your computer?
Now you might be wondering how this virus found a way to your system. Most of the time ransomware is traveling as an attachment to malicious email letters and gets automatically installed once someone opens them. So rule number one – stay away from spam emails.
Rule number two is to keep your computer protected all the time – install anti-malware software with real time protection feature and be sure that no viruses will be able to enter your computer. If you don’t know which one to choose, feel free to take a look at our reviews section.
Removing Sorry Ransomware Virus
Even though removing Sorry Ransomware Virus won’t decrypt your files, you still have to do it. The best method for that is to run a scan with trustworthy anti-malware. Scan your system with Spyhunter and Sorry ransomware should be gone for good automatically.
Unfortunately, there is no way to decrypt files with .sorry extension at the moment, thus the only way you can actually retrieve your files is to restore them from a backup. If you do have a backup copy of your hard drive that wasn’t corrupted by ransomware, follow this system restore guide to get your files back.
Automatic Malware removal tools