Zobm Ransomware

What is Zobm Ransomware?

When you discover that your personal files cannot be opened normally, you might automatically think that a system error has occurred, but Zobm Ransomware might be to blame for that. This infection is clandestine at first, and it might be dropped by other infections or slither in using an unpatched vulnerability. Users could be tricked into letting it in by opening spam email attachments or downloading files from unreliable websites too. If the threat manages to remain undetected, it can silently encrypt files, which means that the data is changed. The “.zobm” extension is also added to the names of the encrypted documents, photos, and other types of personal files to help you spot them quickly. At this point, you might still think that some error has occurred, and you might even try to remove the added extension. Soon after, the infection reveals itself so that demands could be made, and it is too late to delete Zobm Ransomware to prevent file damage.

How does Zobm Ransomware work?

Just like Grod Ransomware, Mbed Ransomware, Nakw Ransomware, and hundreds of other threats, Zobm Ransomware was built using the STOP Ransomware source code. Unfortunately, this malware is pretty powerful, and the damage caused by it can be extensive. Personal files, as you can agree, are the most important files, and if they are deleted, stolen, or corrupted, the loss is unfathomable. This is why it is so important to have a copy – or two – for every file that you do not want to lose. It is easiest to create copies of files by backing them up online. There are plenty of cloud storage services to choose from, and you can even find free ones. Alternatively, external hard drives can be used to store backups. It is most important that backup copies are stored away from the original files because you do not want to have both versions corrupted. This is one of the reasons Anti-Spyware-101.com researchers do not recommend using internal backups or relying on system restore features. Hopefully, you have backups right now, and you can focus on removing Zobm Ransomware.

If you do not have backups, you should find a free decryptor for STOP Ransomware. At least one tool exists, but it is not always effective. First of all, it decrypts files that were encrypted with an offline encryption key only. Second, new versions of this malware emerge constantly, and when you need to use the free decryptor, it might not be updated yet. The creator of Zobm Ransomware relies on your inability to restore or replace personal files because that is the only way they can force you into paying a ransom. Using the file named “_readme.txt,” they inform you that you must pay a ransom of $980 (or $490 in the first three days) to obtain a decryptor that, allegedly, would help you restore your files. Before you can even take this risk, you are meant to email datarestorehelp@firemail.cc or datahelp@iran.ir, and that is a huge risk also. If you contact the attackers, they could try to scam you and flood you with new spam emails. If you pay the ransom, you are likely to end up wasting money. Of course, the attackers suggest that a decryptor would come your way after the payment, but Zobm Ransomware was not created by people you can trust. Of course, it is up to you to decide what kinds of risks you want to take.

How to delete Zobm Ransomware

We suggest that you do not pay the ransomware in return for the Zobm Ransomware decryptor because it is unlikely that you would get it anyway. Keep your money to yourself, and, if you want to, invest a small part of it into your virtual security. We recommend investing in a legitimate anti-malware program that could reliably protect your operating system against ransomware and other types of malware. This program could remove Zobm Ransomware automatically, making cleanup quick and easy. Another option is to delete the infection manually but since we cannot point you to the launcher (its location could be random), we suggest this option only to those Windows users who have previous experience with malware.

Removal Instructions

1. If you can locate the launcher of the infection, Delete it.
2. Move to the %HOMEDRIVE% directory (tap Win+E keys and enter into the Explorer bar).
3. Delete a folder called SystemID and then a file named _readme.txt.
4. Move to the %LOCALAPPDATA% directory.
5. Delete the folder that contains malware files. The folder has a random, long name.
6. Empty Recycle Bin and then use a malware scanner to check for leftovers. Download Removal Tool100% FREE spyware scan and
   tested removal of Zobm Ransomware*