Ransomware is growing rapidly and CryptoViki Ransomware is another member of this family. This dangerous ransomware is discovered by a well known malware researcher known as Marcelo Rivero. As reported by security experts the ransomware mostly target computer based in Russian region but it doesn’t means that user of other countries care free from its attack. It is designed to infiltrate its targeted computer silently and start its malicious work. This ransomware can easily encrypt files stored on the hard drive of compromised system as well as connected external storage media. To encrypt its targeted files the threat use a fusion of RSA and AES encryption algorithm. The encrypted files become completely inaccessible and user who doesn’t have backup get stuck badly. To decrypt files you will need an unique decryption key which is stored on criminals server and to provide that hackers will demand ransom.
CryptoViki Ransomware : How It Carry Out Its Atack?
After infiltrating the system, CryptoViki Ransomware modify its setting to make it eligible to start its process automatically whenever the PC boot. To start its encryption process the ransomware make index of all the targeted files on compromised computer. It is also known for deleting the shadow volume copies which make the decryption more complex. You should know that it can easily encrypt large number of file types including image, video, documents, PDF, spreadsheet etc. Upon completing its encryption process the threat add an unique extension to all the encrypted files which read as .viki. So if you also see files in blank icon having the .viki extension then remember it is ransomware attack. Here you can see the number of extension which the ransomware can encrypt.
Following a successful encryption, CryptoViki Ransomware drops a ransom note which inform victim about encryption and also contain instruction about decryption. The ransom note is known as readme.txt which is places in each of the folder that contain encrypting files. The ransom note is written in Russian which want user to contact on firstname.lastname@example.org if they want to restore the data. But user are not suggested to contact on the email and follow anything stated in the ransom note. According to a security report after contacting such email the criminals can demand $500 and $1500 in Bit-coins from user in exchange of the decryption tool. But there is no gurantee that you will get the decryptor even after the payment. Here you can see the text written in ransom note.
How CryptoViki Ransomware Infiltrate My PC?
There are several ways through which a ransomware can attack your system but the most common one is spam email campaign. The targeted user will receive an email from criminals which contain an attachment. The email is crafted so that it appear genuine email send by some reputed person or company. But remember the attachment of such email contain code which can activate the threat in your system. So if you also get any suspicious email then never try to open it without proper verification.
Removal Instructions Of CryptoViki Ransomware
Removing the ransomware is more important that restoring files because if the threat remains on your system then it again encrypt your files. In order to remove it manually you can use the below given steps.
Step 1 : Start your PC in Safe Mode with Networking
- Click on Start menu > Shutdown button.
- Then click on Restart > click OK.
- Start pressing F8 key once system become active.
- It launch Advanced Boot Options window.
- Select Safe Mode with Networking and press enter.
Step 2 : Remove ransomware related Entries From registry
- Press Windows + R button at once.
- It will bring the Run Box on screen.
- Type “regedit” to start the Windows registry.
- Search for ransomware related entries.
- Click on Disable option, to remove them.
Step 3 : Remove suspicious files from control panel
- Close all the programs and select control panel.
- Choose uninstall a program option.
- You will get all the installed program.
- Find out program related to Ransomware .
- Click on Uninstall option to remove them.
Ransomware create several files which is not easy to remove manually. So if you want complete removal of this ransomware then use Free scanner.