Jest Ransomware

Posted by Lisa Blanc on April 27, 2020

What is Jest Ransomware?

Jest Ransomware is one of the many ransomware infections that have been terrorizing computer users worldwide. They come stealthily and then turn your entire world upside down. Jest Ransomware will also do the same: the infection will slither into your system, encrypt your files, and then it will demand that you pay a ransom to get your files back. We would like to point out that paying the ransom might not solve anything. These criminals could just collect the money and scram. Hence, you need to remove Jest Ransomware first, and then look for other ways to restore your files.testtest

Where does Jest Ransomware come from?

We have been dealing with big ransomware families for so long that coming across a lone-wolf of a program is somewhat refreshing. Not that it’s a good thing, all ransomware programs are evil, and there’s nothing fascinating about that.

However, Jest Ransomware doesn’t belong to any prominent ransomware infection family, and that is quite new. Of course, it doesn’t mean that the people behind this infection couldn’t have used a prominent ransomware code to make their own infection.

Also, Jest Ransomware clearly employs the most common ransomware distribution methods, like spam email attachments, bundled downloads, and unsafe RDP connections. So, there’s nothing new about that. It is very likely that this infection comes disguised as legitimate documents. For instance, online shopping invoices, financial statements, and even business offers. The files that install Jest Ransomware on your computer might look like something you receive every single day, and it might be challenging to tell these dangerous files apart from something legitimate.

The best way to tell whether you are being targeted by a malware infection is to ask yourself whether you’ve been looking forward to this document. Do you know the sender? Is this something you really have to open? If you can’t tell whether the sender is for real or not, employ a licensed security tool to scan the received files before opening them. This way, you will definitely be able to stop Jest Ransomware from entering your system.

What does Jest Ransomware do?

On the other hand, you probably wouldn’t be reading this description if you didn’t have this ransomware program on your PC already. If that’s the case, you must have noticed that added the “.jest” extension to all the files it encrypted. That’s a bit like a stamp that allows you to know what tampered with your files. Of course, it doesn’t help much because this program doesn’t have a public decryption tool.

Your best bet in this situation is a file backup. If you have one, you can just remove Jest Ransomware from your system, and then delete the encrypted files. From there, you can transfer the healthy copies back into your system. Needless to say, you should ignore this ransom note that Jest Ransomware drops in your system:

Your important files are encrypted.
Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Maybe you are
busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service.

The note goes on to say how you are supposed to contact these criminals, and that you need to pay 0.3 BTC for the decryption. FYI, that’s more than 2300 USD, so it’s no small amount of money. You shouldn’t just rake it out of your pocket and give it away to these criminals. Instead, it would be for the best to remove Jest Ransomware today.

How do I remove Jest Ransomware?

You can find the manual removal instructions for Jest Ransomware right at the bottom of this entry. Although if you think that manual removal is too complicated, feel free to invest in a licensed antispyware tool that will help you terminate Jest Ransomware and many other infections.

As for your files, if you do not have a file backup, it would be recommended to address a local professional who would tell you more about potential file recovery options. But please don’t forget that sometimes you have to start building your file library anew. That’s how dangerous a ransomware infection is. So, never overlook the prevention measures.

Manual Jest Ransomware Removal

  1. Remove the file that launched the infection.
  2. Press Win+R and enter regedit. Press OK.
  3. Open HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
  4. On the right, right-click and delete the VYCWMR value that points to ProgramData.
  5. Press Win+R again and type %ALLUSERSPROFILE%. Click OK.
  6. Delete these files from the directory:
    1.bmp
    ransomware.exe
    chk.dat
    encryptedfiles.eco
    MSWINSCK.OCX
    note.ini
    recover.exe
    rps.exe
  7. Remove Decryption Note.lnk from Desktop.
  8. Use SpyHunter to run a full system scan. 100% FREE spyware scan and
    tested removal of Jest Ransomware*
Disclaimer
Disclaimer
Trojans

Leave a Comment

Enter the numbers in the box to the right *