What is ABC Ransomware?

ABC Ransomware is a new variant of Globeimposter Ransomware. It differs slightly from the original threat, but it still acts as a typical ransomware infection. If it ever slithers onto your computer, you will soon find your files encrypted. It locks music, videos, pictures, and other valuable files for a reason: ransomware infections encrypt files only to make it easier for crooks to obtain money from users. If you already see .astra at the end of the majority of your files, your data has already been locked. Luckily, ABC Ransomware does not encrypt any system files, so your operating system will continue working normally after it gets in.

Are you reading this article because you have already encountered ABC Ransomware? If so, your files must have been encrypted too. You will be asked to send money to be able to decrypt them, but you should not do that because the chances are high that you still will not be able to unlock them. Deciding not to pay the crooks does not mean you can let this ransomware infection stay active on your computer. If you do not remove its components from your system, you might launch the infection again, and it will not miss the opportunity to lock your new files when this happens. The last paragraph contains everything you need to know about the removal of this ransomware infection. On top of that, you will find the manual removal guide below this article, so we are sure you will manage to erase it from your computer.

What does ABC Ransomware do?

As you already know, ABC Ransomware enters users’ computers to lock their files. First, it finds where these files are located, and then it encrypts them all mercilessly. All of them will get a new extension, .astra. Also, the ransom note here_your_files!.html dropped on your Desktop will inform you about the condition of your files: “All your files have been encrypted due to a security problem with your PC.” You will also find an .onion link in this file. You will need to download the TOR Browser from the web to be able to open this link. When you do, you will see a message asking you to send the ransom in the Bitcoin cryptocurrency. It even lists websites where Bitcoins can be purchased. You can send 1 file to the cyber criminals to get it decrypted for free, but you should not transfer money for the decryption of the other files because the chances are high that you still will not be able to decrypt them. Yes, crooks tend to take users’ money but do not give anything in exchange, and you could not do anything to get your money back in such a situation. Keep in mind that the ransomware infection will not be automatically deleted from your system if you make a payment either, which means that you might find your files locked again one day if you just send the money required but do nothing to disable the ransomware infection.

Where does ABC Ransomware come from?

We already know how ABC Ransomware works once it infiltrates victims’ computers, so we should now talk about its distribution. If you are reading this article just out of curiosity, you need to know that this ransomware infection is distributed exactly like similar crypto-threats. Specifically, it usually starts working on users’ PCs when they open malicious attachments from spam emails. These attachments are disguised as ordinary documents, e.g. PDF or DOC files, so it does not surprise us at all that so many users do not notice the entrance of the ransomware infection. It might not be enough to ignore spam emails and their attachments. You should also stop downloading software from dubious P2P websites because they often contain malicious software. Finally, there must be an automatic security application installed on all computers connected to the Internet, our security specialists say.

How to remove ABC Ransomware

You need to delete ABC Ransomware from your system as soon as possible because it is a very nasty infection. Luckily, it does not belong to the group of sophisticated ransomware infections, so you should be able to delete it from the system yourself. If you have never deleted a ransomware infection before, use the manual removal guide below this article. Alternatively, you can scan your system with a powerful antimalware tool to erase malware from your PC.

ABC Ransomware removal guide

  1. Press Ctrl+Shift+Esc.
  2. Click Processes at the top.
  3. Kill all suspicious processes.
  4. Close Task Manager and launch Explorer.
  5. Open the following directories: %USERPROFILE%\Desktop, %USERPROFILE%\Downloads, and %TEMP%.
  6. Remove all files you find suspicious.
  7. Delete the ransom note (here_your_files!.html) from Desktop.
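
The checks in steps 5 to 7, as an added read-only PowerShell example (not part of the original guide): it lists the ransom note, .astra files, and recently created executable or script files in the three directories so they can be reviewed before anything is deleted. The function name, the 7-day window, and the list of executable extensions are assumptions.

```powershell
# Added example: read-only triage for the indicators named in this article.
# It deletes nothing; review the output before removing any file.
$NoteName   = 'here_your_files!.html'   # ransom note name from the article
$LockedExt  = '.astra'                  # extension added to encrypted files
$Dirs       = @("$env:USERPROFILE\Desktop", "$env:USERPROFILE\Downloads", $env:TEMP)
$RecentDays = 7                         # assumption: how far back "recent" reaches
$ExecExt    = '.exe', '.dll', '.scr', '.bat', '.cmd', '.js', '.vbs', '.ps1'  # assumption

function Find-AbcIndicators {           # hypothetical helper name
    param([string[]]$Path, [int]$Days = 7)
    $cutoff = (Get-Date).AddDays(-$Days)
    foreach ($dir in $Path) {
        if (-not (Test-Path -LiteralPath $dir)) { continue }
        Get-ChildItem -LiteralPath $dir -File -Recurse -Force -ErrorAction SilentlyContinue |
            ForEach-Object {
                # Classify each file; string comparisons are case-insensitive.
                $kind = if ($_.Name -eq $NoteName) { 'RansomNote' }
                        elseif ($_.Extension -eq $LockedExt) { 'EncryptedFile' }
                        elseif (($ExecExt -contains $_.Extension) -and
                                ($_.CreationTime -ge $cutoff)) { 'RecentExecutable' }
                        else { $null }
                if ($kind) {
                    # Hash only the candidates for removal, so they can be
                    # looked up or handed to an antimalware vendor.
                    $hash = $null
                    if ($kind -eq 'RecentExecutable') {
                        $hash = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 `
                                 -ErrorAction SilentlyContinue).Hash
                    }
                    [pscustomobject]@{
                        Kind    = $kind
                        Created = $_.CreationTime
                        Path    = $_.FullName
                        SHA256  = $hash
                    }
                }
            }
    }
}

$hits = @(Find-AbcIndicators -Path $Dirs -Days $RecentDays)
# Summary per category, then the files that are candidates for removal.
$hits | Group-Object Kind | Select-Object Name, Count | Format-Table -AutoSize
$hits | Where-Object { $_.Kind -ne 'EncryptedFile' } |
    Sort-Object Created | Format-List Kind, Created, Path, SHA256
```

A recently created executable in these folders is not necessarily malicious; treat the list as candidates to inspect, not as a verdict.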
