Silenced Ransomware

What is Silenced Ransomware?

Ransomware is extremely dangerous because it can cause irreversible damage to your personal files. This is why Silenced Ransomware must be taken seriously. According to Anti-Spyware-101.com research team, this infection was not active at the time of analysis, but that is because it was not fully complete yet. That means that this malicious threat was caught before it was executed, and that is a rare luxury. That gives us all time to prepare, and you need to do your part as well. It is most important that you install all updates that you might have postponed in the past because you want to make sure that no vulnerabilities can be exploited by attackers silently. You also need to be more vigilant about spam emails, fake security warnings, and third parties trying to connect to your system remotely. If you are cautious, our hope is that you can evade all ransomware infections. If it is too late, you need to think about removal, and the tips presented in this report should help you delete Silenced Ransomware.

How does Silenced Ransomware work?

Silenced Ransomware is similar to Nemty Ransomware, Dragon Ransomware, Masodas Ransomware, and many other malicious file-encryptors. They all serve the same purpose, which is to make your personal files unreadable. If they succeed, the attackers behind them can make ridiculous demands. The malicious Silenced Ransomware is set to encrypt files in %USERPROFILE%\Desktop, %USERPROFILE%\Documents, %USERPROFILE%\Music, and %USERPROFILE%\Pictures folders, and after it encrypts them, you should find the “.try” extension appended to their names. When files are encrypted, the data is changed within, and it cannot be restored back to normal, unless a decryptor exists. Theoretically, the attackers should have the decryptor, but we cannot guarantee that you would be able to obtain it, even if you fulfilled the demands. Based on our research, these demands are made using an image file that replaces the set background wallpaper. This image displays an image of a cartoon character as well as a quick message. It is up to you what you do with it, but we do not recommend paying close attention to it.

Are you familiar with the Bitcoin cryptocurrency? That is the currency that you would have to pay the ransom in return for the Silenced Ransomware decryptor if you decided to take the risk. According to the ransom note we obtained during research, the attackers should demand 0.05 BTC (~$500-550) to be paid to a unique Bitcoin Wallet, and then they would ask you to send a confirmation to a specific email address. Interacting with cybercriminals is always risky because they could expose you to malicious files and scams. Furthermore, that could happen later on, when you least expect it. So, if you are thinking about sending the attackers a message, at least create a new email account, one that you could remove afterward. When it comes to paying the ransom, we cannot recommend taking this step because we doubt that the decryptor would be offered to you in return. Sure, the attackers promise to make the exchange, but can you really trust them?

How to delete Silenced Ransomware

The manual removal of Silenced Ransomware can be complicated or even impossible. That depends on your level of experience. Although the threat does not consist of multiple different components, it can terminate cmd, processhacker, regedit, and taskmgr processes, and if you cannot use the Registry Editor, you might be unable to delete a Run registry value set by the infection. If you decide that the manual removal path is not for you, you might want to install an anti-malware program. If it is legitimate and versatile, it will have no trouble deleting Silenced Ransomware automatically. Even better, it will have no trouble securing your operating system, which is extremely important if you want to make sure that new threats cannot invade and corrupt your personal files again and again. Speaking of personal files, it is important to create backups outside the original location to ensure that you have replacements in case something goes wrong. Remember that ransomware is not the only kind of malware that can affect your files. You could also delete them by accident, and your computer could be stolen.

Removal Guide

1. Delete the launcher of the infection (name/location unknown).
2. Launch Windows Explorer by tapping keys Win+E at the same time.
3. Enter %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ into the field at the top.
4. Right-click and Delete the malicious file (in our case, it was named windows update.exe).
5. Launch Run by tapping Win+R keys at the same time and enter regedit into the dialog.
6. In Registry Editor, go to HKCU\Software\Microsoft\Windows\CurrentVersion\Run.
7. Right-click and Delete the malicious value (in our case, it was named windows update and it pointed to the malicious .exe file in %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\).
8. Close all windows and then Empty Recycle Bin.
9. Install a legitimate malware scanner and then perform a full system scan. Download Removal Tool100% FREE spyware scan and
   tested removal of Silenced Ransomware*