File Spider Ransomware

What is File Spider Ransomware?

File Spider Ransomware is a new malicious application that belongs to the crypto-malware category. As research conducted by specialists at has revealed, it mainly spreads in Croatia, Serbia, and Bosnia and Herzegovina. If you reside in any of these countries, you should be very cautious all the time because you might allow this nasty infection to enter your system by simply clicking on some kind of malicious link, opening a malicious email attachment, or downloading software from a hacked website. Of course, it does not mean that users living in other countries cannot encounter this malicious application either. Even though users usually do not know anything about the entrance of the ransomware infection, it turns out quickly that such a threat has infiltrated the computer because it encrypts files right away and appends a new extension to them all. You cannot unlock these files by removing this extension. You need to have a unique key “generated specifically for this PC” to decrypt them. The reason ransomware infections are developed is to obtain money from users, so we are sure you will not be given this decryption key for free. Do not send Bitcoins to cyber criminals because they will never stop developing new threats if they always get what they want from victims. Additionally, the promise to send you the decryptor right away after receiving money might be a lie. To be honest, the chances are quite high that you will not get anything from crooks behind File Spider Ransomware, so you should delete this threat from your system immediately. Once this infection is gone from your computer, you could try alternative data recovery methods. Unfortunately, we cannot promise that you will find a way to unlock your files for free.testtesttest

Where does File Spider Ransomware come from?

File Spider Ransomware is mainly distributed via spam emails. Specifically speaking, users usually allow it to enter their computers by opening a malicious attachment that looks like an ordinary Microsoft Word document from an email with a subject line “Potrazivanje dugovanja.” Many ransomware infections are spread via malicious spam emails, but it does not mean that it is the only method used by cyber criminals to spread malicious software. Ransomware-type infections might be spread in other ways too, for example, they might pretend to be ordinary software, so there is only one piece of advice we have for you – keep your security software enabled on your computer all the time. Not all security applications can prevent malware from entering your computer, so make sure you use only powerful antimalware software.

What does File Spider Ransomware do?

If you are reading this article from the beginning, you should already know that File Spider Ransomware goes to lock files on users’ computers right away after slithering onto them. It locks all files except for those located in directories with Application Data, Program Files, Videos, Windows, Temp, Spider, Recycle, and some other words in their path addresses. Even though the encryption of files is the main activity it performs on compromised machines, research has shown that it might also kill the following processes: taskmgr, procexp, msconfig, Starter, regedit, cdclt, cmd, OUTLOOK, WINWORD, EXCEL, and MSACCESS. After encrypting users’ personal files, it also places HOW TO DECRYPT FILES.url to affected folders. On top of that, you will find DECRYPTER.url on Desktop. When this file is opened, it runs a file dec.exe located in %APPDATA%\Spider. As can be seen, File Spider Ransomware has a few components. You will need to delete them all yourself to erase this threat from your computer fully. The last paragraph of this article focuses on the removal of this malicious application, so read it all before you take action.

How to remove File Spider Ransomware

Unlike some other ransomware infections, File Spider Ransomware does not work from the place it has been launched. Instead, it creates a folder in %APPDATA%. As mentioned previously, it also drops HOW TO DECRYPT FILES.url and DECRYPTER.url following the successful encryption of victims’ personal data. If you decide to erase File Spider Ransomware manually, you will need to delete all components it has by yourself, one by one. Of course, it is easier to erase malware automatically. If you do not know much about the removal of malware, choose the automatic method over the manual one. Sadly, your files will stay locked no matter how you erase ransomware from your PC.

File Spider Ransomware removal guide

  1. Open Windows Explorer.
  2. Type %APPDATA% in the Explorer’s URL bar and press Enter.
  3. Locate the Spider folder and delete it.
  4. Open %USERPROFILE%\Desktop.
  5. Delete DECRYPTER.url.
  6. Remove HOW TO DECRYPT FILES.url from all affected folders.
  7. Delete all suspicious files downloaded recently.
  8. Empty Trash. 100% FREE spyware scan and
    tested removal of File Spider Ransomware*

Leave a Comment

Enter the numbers in the box to the right *