StrutterGear Ransomware

What is StrutterGear Ransomware?

StrutterGear Ransomware appears to be a dangerous threat that is still in development, so it may not have spread widely yet. Still, it is important for us to report what we have found out about this malicious program that could be your next nightmare once it is finished. Our malware specialists say that this new threat is a new variant of the infamous Jigsaw Ransomware. We have seen a few infections rise from this malware, including Anonymous Ransomware and Payms Ransomware. Although this new version has all the capabilities of the original ransomware, right now it does not seem to encrypt any of your files. This means that you do not need to panic, because whatever the rather obscene ransom note says may only describe a future version. So you can forget about paying hundreds of dollars for the decryption key. But even if this ransomware does not harm your files, you cannot leave this attack unaddressed. We recommend that you remove StrutterGear Ransomware ASAP if you do not want to risk any further security issues related to this threat.

Where does StrutterGear Ransomware come from?

Since this is most likely only a trial version, we cannot really be sure how it is spread. There are obviously two possible channels, which we will share with you now so that you can possibly avoid the next malicious attack. First of all, it is quite possible that you infect your computer with this ransomware after you click on a spam e-mail and launch its attachment. This malware infection may spread as an attached file that could pose as an image, a video, a text document, or even a .zip archive. When you click to view this file, you practically activate this malicious attack. This means that it will be too late to delete StrutterGear Ransomware when you realize that it has hit you, because you cannot actually stop the encryption. The only way to save your files is to prevent such a ransomware program from entering your computer. You can either become more careful when it comes to opening your e-mails or install a trustworthy anti-malware program.

Your clicks do matter a lot and not only in the case of e-mails. You can, for example, easily end up on one of the malicious pages that are set up as a trap by cyber criminals using Exploit Kits. You may click on a corrupt link on a modified search results page presented by a browser hijacker or you may click on an unsafe third-party ad on a shady website (torrent, freeware, online gaming, or porn). One click and you can be redirected to such a malicious page that simply loads and drops this infection right away. Since this takes place without your knowledge, you definitely cannot nip this attack in the bud; not that you could anyway. In any case, you should keep all your browsers updated along with your Java and Flash drivers so that cyber criminals cannot take advantage of older security holes and drop infections.

How does StrutterGear Ransomware work?

When you run the downloaded malicious file, it makes a copy of itself as “StrutterGear.exe” in the %APPDATA% folder. It also creates a folder on your desktop called “FileSystemSimulation” and adds two files to it: “NotTxtTest.nottxt” and “TxtTest.txt”. Instead of targeting your most precious files, this infection simply encrypts the “TxtTest.txt” file and appends the extension “.tax” to its original name. After 60 seconds, this ransomware deletes the file. Yet another file called “Address.txt” is created on your desktop, which seems to contain the Bitcoin wallet address you are supposed to use to transfer the ransom fee.

Once the supposed and claimed damage is done, the ransom note window covers your screen. This note is quite unique because of its tone, which is rather obscene and full of slang. You are threatened that more and more of your files will be deleted irrevocably as time passes unless you pay at least $500 worth of Bitcoins to the given address. But as we have mentioned, there is no need to worry unless you are infected with the finished version because this one does not touch your files at all. All you need to do is remove StrutterGear Ransomware as soon as possible. So here is what you can do.

How can I delete StrutterGear Ransomware?

If you want to put an end to this almost-dangerous threat, first you need to kill the malicious process via Task Manager. Then, you can delete the related files. If you need help with this, please follow our guide below this article. Hopefully, you understand now why it is so vital that you try to prevent such attacks from happening instead of cleaning up the mess after them. If you do not feel skilled enough, we suggest that you start using a proper anti-malware program, such as SpyHunter.

How to remove StrutterGear Ransomware from Windows

  1. Press Ctrl+Shift+Esc to launch the Task Manager.
  2. Find and select the malicious process. Press End task.
  3. Exit the Task Manager.
  4. Press Win+E.
  5. Delete the malicious file (“StrutterGear.exe”) from the %APPDATA% folder.
  6. Delete the malicious file you possibly saved from the spam.
  7. Remove the test folder called “FileSystemSimulation” and the "Address.txt" text file from the desktop.
  8. Empty your Recycle bin and restart your PC.
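
The same cleanup can be scripted. The PowerShell below is an added example, not part of the original guide: it reports the artifacts named above and, when run with `-Remove`, stops the process and deletes them. It assumes the malicious process runs from the %APPDATA% copy, and it does not cover step 6, because the location of the original attachment is not known.

```powershell
# Added example: audit (and optionally remove) the StrutterGear artifacts
# named in this article. Run as the affected user.
param(
    [switch]$Remove   # without -Remove the script only reports what it finds
)

$desktop = [Environment]::GetFolderPath('Desktop')
$exePath = Join-Path $env:APPDATA 'StrutterGear.exe'

# File-system artifacts listed in the removal steps.
$artifacts = @(
    $exePath,
    (Join-Path $desktop 'FileSystemSimulation'),
    (Join-Path $desktop 'Address.txt')
)

# Assumption: the malicious process runs from the %APPDATA% copy, so match on
# the executable path rather than on a process name the article does not give.
$procs = @(Get-Process -ErrorAction SilentlyContinue |
    Where-Object { $_.Path -and ($_.Path -ieq $exePath) })

foreach ($p in $procs) {
    Write-Output ("PROCESS  PID {0}  {1}" -f $p.Id, $p.Path)
    if ($Remove) {
        Stop-Process -Id $p.Id -Force
        # Wait for exit so the executable is no longer locked when deleted.
        Wait-Process -Id $p.Id -Timeout 10 -ErrorAction SilentlyContinue
    }
}

$found = 0
foreach ($path in $artifacts) {
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Output "absent   $path"
        continue
    }
    $found++
    Write-Output "FOUND    $path"
    if ($Remove) {
        # -Recurse covers the FileSystemSimulation folder and its test files.
        Remove-Item -LiteralPath $path -Recurse -Force
    }
}

if (-not $Remove -and ($procs.Count -gt 0 -or $found -gt 0)) {
    Write-Output 'Artifacts present. Re-run with -Remove to clean them up.'
}
```

Files deleted this way bypass the Recycle Bin, so only the restart from step 8 remains.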
