Avaddon Ransomware

What is Avaddon Ransomware?

Avaddon Ransomware could be your worst nightmare if you’ve never dealt with a ransomware infection before. Just like most of the other programs in the same category, the program infects you quietly, encrypts your files, and then expects you to pay for the decryption. Unfortunately, paying may not even solve anything, and so, cybersecurity experts say you should remove Avaddon Ransomware instead, and then look for other methods to restore your files. Maybe you have most of your files saved someplace else, and the file recovery won’t even be challenging. The most important is not to panic.testtesttest

Where does Avaddon Ransomware come from?

It seems that Avaddon Ransomware is a new player in the field, as it doesn’t look like this program belongs to any of the prominent infection groups. However, it doesn’t mean it is any less dangerous. In fact, dealing with completely new infections is sometimes more troublesome because it is harder to predict what they want or what they will do. Of course, we all know that ransomware wants money in exchange for your files, but new programs always pose new challenges because it is clear that there isn’t a public decryption tool intended for this infection yet.

Other than that, we do know for sure that Avaddon Ransomware spreads through spam email attachments. What’s more, the installer file that installs this program on the target computer looks like a JPG picture file. So, users are tricked into opening the install the ransomware thinking they are about to open some pictures.

This just means that you have to be really careful about the emails you receive from unknown parties. Sometimes the spam might also come from familiar accounts, but if the topic is odd or the content of the message is not something you would usually receive from that person, you should definitely remove that email at once. Finally, if you still think that the received file could be important, please scan it with a security tool before opening it. At least, this way, you will know whether the file is safe.

What does Avaddon Ransomware do?

Apart from the fact that the infection seems to be new, it functions like most of your ransomware programs out there. So, when it enters the target system, it runs a full system scan locating all the types of files it can encrypt, and then it runs the encryption algorithm. Once the encryption is complete, all the affected files receive the “.avdv” extension, and your system can no longer read them. Aside from encrypting your files, Avaddon Ransomware also drops a ransom note in all the folders that contain encrypted files. The ransom note is in an HTML file, and it opens in your browser. Here’s an extract from the ransom note:

-          What’s the matter?
Your computer has been infected with Avaddon Ransomware. All your files have been encrypted and you are not able to decrypt it by yourself. To decrypt your files, you have to buy the Avaddon General Decryptor.

-          What can I do to get my files back?
You should buy the software Avaddon General Decryptor. It will scan your PC, network share, all connected devices and check for encrypted files and decrypt them. Current price: 700 USD. We accept the Bitcoint cryptocurrency.

The ransom note actually looks professional, and some users might think that they really have to contact these criminals, or else there is no other way to restore their files. However, if you have copies of your files saved somewhere else, you don’t need to worry about paying the ransom or contacting the ransomware owners.

How do I remove Avaddon Ransomware?

It might be quite bothersome to remove Avaddon Ransomware on your own, so don’t hesitate to get yourself a powerful security tool that will terminate the infection for you automatically. It will also scan your computer and delete other malicious files that could’ve been downloaded on your system.

Finally, you have to go through various file recovery options. You could’ve saved your files on your mobile device, or maybe you have a cloud storage drive without even realizing it. Either way, the possibility of starting to build your file library anew is always there, but don’t make that the reason to pay the criminals. Don’t let them win.

Avaddon Ransomware Removal

  1. Press Win+R and the Run prompt will open.
  2. Type regedit into the Open box. Click OK.
  3. Open HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree.
  4. Under Tree, delete the update entry.
  5. Open HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run.
  6. On the right, right-click and remove the update value.
  7. Open HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run.
  8. On the right, right-click and remove the update value.
  9. Close Registry Editor and press Win+R.
  10. Type %WinDir% into the Open box and click OK.
  11. Navigate to System32\Tasks and remove the update folder.
  12. Press Win+R again and enter %AppData%. Click OK.
  13. Open the Microsoft folder and remove the EXE file with a 4-character name.
  14. Use SpyHunter to run a full system scan. 100% FREE spyware scan and
    tested removal of Avaddon Ransomware*

Leave a Comment

Enter the numbers in the box to the right *