Spiteful Doubletake Virus - How to remove

Spiteful Doubletake – extremely dangerous computer virus that can completely paralyze your system. It is classified as ransomware, so once inside of your computer it will encrypt all personal files and demand a ransom in an exchange of a decryptor, which can unlock your files and put everything back to normal.

Even though this infection is not so different from other ransomware viruses, this doesn’t make it less dangerous. It can ruin your computer and take away your money. Obviously, it would be best to get ahead of a virus like this and prevent the infection in a first place, but in case it is too late for prevention and your computer is already infected, please stay with us and learn how to solve this problem in the best way possible.

Solving a problem related to ransomware infection consists of two critical phases – you need to remove the virus itself first and then recover the files that were encrypted. You can’t do one without the other, because it would be simply ineffective.

How Can Spiteful Doubletake Ransomware Hurt You

So it’s already clear that the one and only goal of cyber criminals behind Spiteful Doubletake is to make money by taking away files that belong to you. To achieve this goal, cyber criminals need to upload files that are used to execute the encryption algorithm into your computer. Then, they use a military level encryption algorithm to change the structure of your files and make them unusable. I.e. you won’t be able to open them, they will be worthless. However, that doesn’t mean that they are lost forever – the encryption process can be reversed and your files will be good to go once again.

Unfortunately, to reverse the process you need to have access to the special, unique decryption key. This key is generated by cyber criminals and accessed to every infected computer. They store it in a remote server, so there is no other way to get it than by paying the ransom. They will ask you for $500 in Bitcoins, and even if that looks like a reasonable price for your personal files, we encourage you not to pay the ransom. Here’s the original message displayed by Spiteful Doubletake ransomware:

All your files are belong to me!!!
You persn foolish, all youre files have i encrypted and you must pay NOW!
If you dont you fle be gone forever
You must pay now my bitcoin address $500 dollars usd cash.
You will neuer euer see your files again if you do not pay.
Pay bitcoins address: 1FfmbHfnpaZjKFuyilokTjJJusN455paPH
[Pay Now!]
[Okay…]

This message is displayed on a separate window that will be opened automatically once the encryption process is over. If you close this window, the following window will pop-up:

You fool! I’m not going to actually give you your files back!
But I will take your money though.

So they are playing open cards with you – you are provided with Bitcoin wallet address and asked to transfer $500. Again – we do not recommend to do that. We have analyzed various viruses similar to Spiteful Doubletake, such as Healforyou, .adobe ransomware, or Tfudeq and we can assure you that there are other, better alternatives to paying the ransom.

Spiteful Doubletake Virus Removal

As we have mentioned before, you need to remove Spiteful Doubletake ransomware first and then move on to restoring your locked files. If you skip the first step and go straight to restoring your files, the virus will remain active on your system and might perform encryption once again.

The most efficient way to eliminate Spiteful Doubletake malware is to scan your system with Spyhunter.

Then, when the virus already removed from your computer, you can recover your lost files. Probably the best way to do it is performing a system restore. This would set your system back in time to the date when it wasn’t yet infected. However, to be able to do that, you have to have a valid backup, that wasn’t corrupted by the virus.

If you still struggle to solve the problem, please take a look at the instructions provided below. Also, feel free to ask us a question in the comments section below and we will do our best to answer them all.

Automatic Malware removal tools

How to recover Spiteful Doubletake Virus encrypted files and remove the virus

Step 1. Restore system into last known good state using system restore

1. Reboot your computer to Safe Mode with Command Prompt:

for Windows 7 / Vista/ XP

• Start → Shutdown → Restart → OK.
• Press F8 key repeatedly until Advanced Boot Options window appears.
• Choose Safe Mode with Command Prompt.

for Windows 8 / 10

• Press Power at Windows login screen. Then press and hold Shift key and click Restart.
• Choose Troubleshoot → Advanced Options → Startup Settings and click Restart.
• When it loads, select Enable Safe Mode with Command Prompt from the list of Startup Settings.

 

2.Restore System files and settings.

• When Command Prompt mode loads, enter cd restore and press Enter.
• Then enter rstrui.exe and press Enter again.
• Click “Next” in the windows that appeared.
• Select one of the Restore Points that are available before Spiteful Doubletake Virus has infiltrated to your system and then click “Next”.
• To start System restore click “Yes”.

 

Step 2. Complete removal of Spiteful Doubletake Virus

After restoring your system, it is recommended to scan your computer with an anti-malware program, like Spyhunter and remove all malicious files related to Spiteful Doubletake Virus. You can check other tools here.  

Step 3. Restore Spiteful Doubletake Virus affected files using Shadow Volume Copies

If you do not use System Restore option on your operating system, there is a chance to use shadow copy snapshots. They store copies of your files that point of time when the system restore snapshot was created. Usually Spiteful Doubletake Virus tries to delete all possible Shadow Volume Copies, so this methods may not work on all computers. However, it may fail to do so. Shadow Volume Copies are only available with Windows XP Service Pack 2, Windows Vista, Windows 7, and Windows 8. There are two ways to retrieve your files via Shadow Volume Copy. You can do it using native Windows Previous Versions or via Shadow Explorer. a) Native Windows Previous Versions Right-click on an encrypted file and select Properties → Previous versions tab. Now you will see all available copies of that particular file and the time when it was stored in a Shadow Volume Copy. Choose the version of the file you want to retrieve and click Copy if you want to save it to some directory of your own, or Restore if you want to replace existing, encrypted file. If you want to see the content of file first, just click Open.

b) Shadow Explorer It is a program that can be found online for free. You can download either a full or a portable version of Shadow Explorer. Open the program. On the left top corner select the drive where the file you are looking for is a stored. You will see all folders on that drive. To retrieve a whole folder, right-click on it and select “Export”. Then choose where you want it to be stored.

Step 4. Use Data Recovery programs to recover Spiteful Doubletake Virus encrypted files

There are several data recovery programs that might recover encrypted files as well. This does not work in all cases but you can try this:

• We suggest using another PC and connect the infected hard drive as slave. It is still possible to do this on infected PC though.
• Download a data recovery program.
• Install and scan for recently deleted files.

Note: In many cases it is impossible to restore data files affected by modern ransomware. Thus I recommend using decent cloud backup software as precaution. We recommend checking out Carbonite, BackBlaze, CrashPlan or Mozy Home.