AnonPop Ransomware (supportfile@yandex.com) Removal Guide

AnonPop ransomware is a malicious program, belonging to the category of win-lockers. The virus was developed to make proceeds by forcing users to pay a ransom. It locks most of the files on the victim’s computer and displays a pop-up window on his screen. There is a text version of the same message. It is titled Payment_Instructions.txt. AnonPop ransomware places it on the desktop. This kind of message is called a ransom note. The notification explains what your situation is. It gives instructions on how to conduct the payment. The graphic also pictures the Guy Fawkes mask. AnonPop ransomware encrypts documents, databases, archives, images, audio, video and other file types. To give you a better idea of the win-locker’s penetration capability, we will list some of the most common file types it infects. This includes .doc, .docx, .txt, .pdf, .odt, .mdb, .db, .zip, .rar, .wps, .srf, .ai, .xls, .xlsx, .ppt, .pptx, .asp, .aspx, .dmp, .exif, .mp3, .wav, .wma, .mid, .flac, .ogg, .sql, .raw, .qic, .lnk, .reg, .wsc, .iff, .sln, .exe, .bkp, .pfx, .jpg, .jpeg, .gif, .png, .bmp, .tif, .tiff, .psd, .js, .m3u, .m4a, .bin, .ini, .vb, .crw, .csv, .bat, .eps, .avi, .mkv, .wmv, .mp4, .mpg, .mpeg, .mov, .xml, .bdf, .arw, .ps1, .html, .dll, .sys, .sct, .dat and others. The ransom note elaborates that the program has crypted your files and moved them to a hidden encrypted partition on your computer. It states that the only way to recover your data is with a unique decryption key.

AnonPop ransomware travels within spam e-mails. Research has revealed that the source e-mail for the clandestine program is the same in every case. The subject of the bogus message is: “The Office of The Attorney General Complaint”. The account compl.dept@outlook.com has been cited as the address of the unreliable sender. AnonPop ransomware targets firms in most cases. The letter notifies the recipient that a complaint has been filed against his business. It informs him that he can file a rebuttal within 10 days. The message states that you have to give a response. A link to an enclosed copy of the complaint is provided in the e-mail. The name of the file is complaint376878.pdf. If you are not a business owner, you would consider the message a mistake and ignore it. In all likelihood, the distributors of AnonPop ransomware do not send messages at random. Finding the official e-mail address of a company is easy. The concept of the message is well thought out. Spam e-mails are often on a random topic. In this case, the sender addresses a precise matter which is in fact relevant to you. This could mislead you to access the file. To avoid elaborate schemes, check the e-mail address. Spam letters come from fake accounts.

AnonPop Ransomware (supportfile@yandex.com)
Download Removal Tool for AnonPop Ransomware (supportfile@yandex.com)

AnonPop ransomware does not introduce itself with a given name. Security specialists have assigned a name to the virus for identification purposes. It comes from a process the program runs which appears as anonpop in the task manager. The developers of AnonPop ransomware have decided to assign an ID number to each user for the same reason. They have provided their bitcoin address in the ransom note. This is all the information you need to conduct the payment. The ransom is $125 USD within 24 hours after the encryption. Then it becomes $199 USD. Users have only 72 hours to perform the transaction. The hackers threaten to delete all your files and your entire operating system if you refuse to pay them. For any inquiries, the user can contact them per e-mail. Their address is supportfile@yandex.com. The cyber criminals have chosen to receive ransoms through the bitcoin cryptocurrency because it protects their anonymity. AnonPop ransomware performs a task which is uncharacteristic of other win-lockers. Through an executable, the virus logs off other users within 60 seconds. It displays a brief ransom note and informs the user he is about to be logged off. This helps prevent intervention from admin accounts and further plays with the victim’s psyche. Be advised that you cannot trust cyber criminals. They may not complete their end of the deal. You would have no one to turn to in this event.

The best of course of action is to delete AnonPop ransomware on your own. You can uninstall the virus with the help of a professional AV program. There is a removal guide below to assist you. Research has revealed that AnonPop ransomware does not delete shadow volume copies. If you have a backup, you can recover your files. A tool called Shadow Explorer may be useful: shadowexplorer.com/downloads.

AnonPop Ransomware (supportfile@yandex.com) Removal Instructions

Windows 8

1. Navigate to the Start menu and click on the Windows key.
2. Open the web browser.
3. Type: http://www.xp-vista.com/download-instructions in the search bar of your web browser.
4. Download SpyHunter and install it on your PC.
5. Scan the system with the antimalware tool and erase any infected files and viruses.

Windows Vista and Windows 7

1. Reboot your PC computer and press the F8 key.
2. Go to Windows Advanced Options and select Safe Mode with Networking, press Enter.
3. Type: http://www.xp-vista.com/download-instructions in the search bar of your web browser.
4. Download SpyHunter and install it on your PC.
5. Scan the system with the antimalware application and erase any infected files and viruses.

Windows XP

1. Reboot your PC and press the F8 key.
2. Go to Windows Advanced Options and select Safe Mode with Networking, press Enter.
3. Type: http://www.xp-vista.com/download-instructions in the search bar of your web browser.
4. Download SpyHunter and install it on the computer.
5. Scan your system with the antimalware tool and delete any infected files and viruses.
6. Go to the Start Menu and then click Run.
7. Type “msconfig” in the search bar and click OK.
8. In the System Configuration Utility go to the “Startup” tab and select the option “Disable All”.
9. Press OK and reboot your PC.

By

Speak Your Mind

*