What is CommonRansom Ransomware?
CommonRansom is a typical ransomware virus and if you are not familiar with such type of malware, you should know that this is a dangerous virus that encrypts data on the infected computer and then demands a ransom. Although the ransom amount is not large = 0.1 BTC (~ $625.38), we still advise you not to pay them. The point is, a lot of people fall into the trap of this type of scam. There are a lot of cases where cybercriminals do not help their victims, even if they pay up. Remember, you are up against fraudsters so nobody will give any guarantees that they will fulfill their commitments. Hence, there is a high risk of being left without decryptor and money. Instead, you may try using this guide to remove CommonRansom Ransomware and decrypt .CommonRansom files without spending any money.
The principle of work of the ransomware is always the same – to encrypt files and then to require payment. CommonRansom Ransomware encodes users’ personal files using AES encryption algorithm. As a result, each infected file will be renamed and appended with “.[email].CommonRansom” extension. At this time, it uses .[old@nuke.africa].CommonRansom extension. For example, file “myfamily.jpg” will turn into “myfamily.jpg.[old@nuke.africa].CommonRansom”. Once all the data is encrypted, the ransomware creates DECRYPTING.txt file, where the user may find the demands of criminals:
===CommonRansom===
Hello dear friend,
Your files were encrypted!
You have only 12 hours to decrypt it
In case of no answer our team will delete your decryption password
Write back to our e-mail: old@nuke.africa
In your message you have to write:
1. This ID-345678901234567
2. [IP_ADDRESS]:PORT(rdp) of infected machine
3. Username:Password with admin rights
4. Time when you have paid 0.1 btc to this bitcoin wallet:
35M1ZJhTaTi4iduUfZeNA75iByjoQ9ibgF
After payment our team will decrypt your files immediatly
Free decryption as guarantee:
1. File must be less than 10MB
2. Only .txt or .lnk files, no databases
3. Only 5 files
How to obtain bitcoin:
The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click ‘Buy bitcoins’, and select the seller by payment method and price.
https://localbitcoins.com/buy_bitcoins
Also you can find other places to buy Bitcoins and beginners guide here:
http://www.coindesk.com/information/how-can-i-buy-bitcoins/
Although CommonRansom is a really dangerous virus, you still have a good chance to get your files back. Before deciphering, you should first stay focused on removing CommonRansom Ransomware to avoid re-infection. Once CommonRansom Ransomware is removed, you can proceed with decryption. Both automatic and manual solution is presented here that we hope will help you remove CommonRansom Ransomware and recover your files.
How CommonRansom ransomware gets on your PC?
This type of virus can be infiltrated through several methods, including freeware software, spam messages, trojans, software from dangerous sources, etc. A process of installation can start hidden and automatically. Besides that, some malware programs can mark CommonRansom Ransomware as a trusted software program.
How to remove CommonRansom ransomware automatically?
To make sure that the ransomware won’t reappear, you need to delete CommonRansom ransomware completely. For this, you need to remove the files and registry entries of the ransomware. We should warn you that performing some of the steps may require above-average skills, so if you don’t feel experienced enough, you may apply to the automatic removal tool.
Performing an antimalware scan with Norton would automatically search out and delete all elements related to CommonRansom ransomware. It is not only the easiest way to eliminate CommonRansom ransomware but also the safest and the most assuring one.
How to decrypt .[old@nuke.africa].CommonRansom files
Restore files with Stellar Data Recovery
Stellar Data Recovery is an essential tool in the fight against ransomware-type viruses that can recover encrypted files.
- Download Stellar Data Recovery and launch it
- Select the drive you want to recover and click START SCAN
- After scanning is finished, you are presented with a list of recoverable files found.
- Select the required files and click the Recover
Decrypt files using our decryption service
You may try using our own service for decrypting files compromised by ransomware-type viruses. The analysis of data takes 3-5 days, after which, we will let you know whether it’s decryptable or not. Note: the service is paid, payment is charged only for decryption, the analysis is free. In order to use our service, you should fill out the form listed below.
Also, please add a log file, created on your PC:
- Click “Start” and type: “cmd.exe” in the search box
- Right-click “cmd.exe” and select “Run as administrator“
- In command line, type or copy/paste following: dir C:\ /a/s > “%userprofile%\dirc.log”
- Find and attach the created “%userprofile%\dirc.log” file to the web form
Please attach encrypted text files according to the following conditions:
- number of files should not exceed 4;
- file size is not more than 8 megabytes;
- files must be from different folders;
- files must be unique.
Restore the system
- Initiate the search for system restore
- Click on the result
- Choose the date before the infection appearance
- Follow the on-screen instructions
Roll the files back to the previous version
- Right-click the file and choose Properties
- Open the Previous Version tab
- Select the latest version and click Copy
- Click Restore
If the above-mentioned methods didn’t help in eliminating the threat, then it’s better to rely on an automatic way of deleting CommonRansom Ransomware.
How to prevent ransomware infection
To prevent infection with ransomware-type viruses, you should have proper antimalware software. This method is convenient because it allows you to detect a virus before it penetrates, and therefore to avoid infection and the loss of all your data. It is capable of protecting not only home computers but also server systems in large organizations. Download antimalware program to secure your system and privacy.