Kill Jeeperscrypt Ransomware

What is Kill Jeeperscrypt Ransomware?

Kill Jeeperscrypt Ransomware is one of the recently created file-encrypting applications. What makes it rather unique is that the malware seems to be targeted only at users who speak the Portuguese language. The infection’s developers ask to make a payment of 0.02 Bitcoins or approximately 30 US dollars. The sum might look insignificant, and yet our researchers at Anti-spyware-101.com advise against paying it. That is because there are other ways to unlock the damaged files without spending any money. We will list the available options further in the article, so if you want to learn how to get your files back, you should read the rest of our report. At the end of the text we will add deletion instructions too, so you would know how to get rid of Kill Jeeperscrypt Ransomware manually.

How does Kill Jeeperscrypt Ransomware work?

Like most of the ransomware applications, Kill Jeeperscrypt Ransomware is after user’s private files. This is why it may lock files in the C:\Users\User\Desktop, C:\Users\User\Pictures, C:\Users\User\Music, and C:\Users\User\Videos folders. Besides files on your C: disk, the threat could also encrypt various private documents, photographs, pictures, and other valuable files located on D: disk. Then it may open a pop-up window called after the malware. The pop-up contains instructions written in Portuguese and telling you how to purchase a decryption key to unlock all damaged files, bus as it was mentioned earlier it could be a waste of your money.

Apparently, the malicious program was written in .NET framework language. Since the threat’s creators did not bother to obfuscate their code, our specialists were able to read it and find out more information about Kill Jeeperscrypt Ransomware. This is how we learned the infection might not store the decryption key users are supposed to purchase on a secret server or somewhere else outside the affected device because our specialists were able to find it in the malware’s code. What is interesting is that the threat creates a single decryption key, which can be used by any user who infected his device with the same malicious program.

The sample we researched provided the following decryption key Y29uaGVjaW1lbnRvIG5hbyBlIGNyaW1lIGNyaW1lIHNlciBidXJybyBlIGJhaXhhciBxdWFscXVlciBtZXJkYSBuYSBpbnRlcm5ldCBhY2hhbmRvIHF1ZSB2YWkgc2UgDQpkYXIgYmVtIGlzc28gZSBwcmEgdm9jZXMgYXByZW5kZXIgYSBuYW8gYmFpeGFyIG1haXMgbWVyZGEgbmEgaW50ZXJuZXQgc2V1cyBvdGFyaW9z. If Kill Jeeperscrypt Ransomware gets updated this key may no longer work; thus, we cannot guarantee it will work for everyone. The only way to find out is probably to just insert it into the given box and click the Desencriptar button. Files that were locked should be marked with .jeepers extension (e.g. panda.jpg.jeepers), so its disappearance might mean the decryption was successful or you could simply try to open such data.

Another way to get your data back is to use decryption software. This tool was created by volunteers, so it should be available for anyone to download. If the decryption key does not work, you could search for this tool instead. However, you should concentrate not only on restoring the encrypted data but also on how to clean your system from this malicious program.

How to get rid of Kill Jeeperscrypt Ransomware?

To eliminate Kill Jeeperscrypt Ransomware manually, users should kill its process to stop it from running and remove the malicious program’s installer. Since you probably downloaded and launched it yourself, you should look for any suspicious recently downloaded files. If it sounds a little bit complicated take a look at the instructions added below this paragraph. On the other hand, if deleting the infection manually appears to be too difficult, you could acquire a legitimate antimalware tool instead to use its automatic features. The best part is that while doing so, you could erase both the ransomware and other possible threats. Besides, the tool would strengthen the system as it could guard it against future threats as well.

Remove Kill Jeeperscrypt Ransomware from the system

1. Use this combination Ctrl+Alt+Delete to launch the Task Manager.
2. Click the Processes tab and locate a suspicious process belonging to the malware.
3. Select it and press the End Task button.
4. Exit the Task Manager and click Win+E to open the File Explorer.
5. Check the following locations: %TEMP%, %USERPROFILE%\desktop, %USERPROFILE%\downloads
6. Search for the malicious program’s launcher.
7. Select the doubtful file and press Shift+Delete.
8. Close the File Explorer.
9. Then restart the system. Download Removal Tool100% FREE spyware scan and
   tested removal of Kill Jeeperscrypt Ransomware*