Do you know what Basecrypt@aol.com Ransomware is?
Basecrypt@aol.com Ransomware is a regular computer infection that intends to encrypt your files and then push you into paying the ransom. Needless to say, you should never pay a single cent to these criminals. Although this program can seriously encrypt your files, there should always be other options. Not to mention that there is never a guarantee that these criminals would issue the decryption key even if you do pay. Hence, remove Basecrypt@aol.com Ransomware from your computer, and then look for ways to restore your files. If you feel lost, do not hesitate to address a professional.
This infection probably reached your computer through spam. We do not think much about spam and phishing emails that land in our inboxes every single day. For the most part, those spam emails get filtered into your Junk folder. However, it is also possible for a spear-phishing attack to reach your main inbox, too. The problem here is that these phishing emails often look like the real deal. They may even have logos from reputable companies, and they will have attachments that look like real documents. To view those documents, you will often have to “enable content.”
This is usually where users enable macros (in the case the ransomware installer file poses as an MS office document), and the main payload is downloaded onto the target system. So, you clearly download Basecrypt@aol.com Ransomware onto your PC willingly, although you are not aware of that. To avoid such dangerous infections, you have to be careful about the emails you open and the attachments you download. Of course, sometimes it is hard to say whether the content is reliable or not, but if you are in doubt, you can scan the downloaded files with a security tool before opening them.Basecrypt@aol.com Ransomware screenshot
Scroll down for full removal instructions
As far as the origins of this infection are concerned, our research lab team says that it is another version of Crysis or Dharma Ransomware. We have covered a lot of similar programs before. Karlosdecrypt@outlook.com Ransomware, audit24@qq.com Ransomware, admin@decryption.biz Ransomware, and many other programs are based on the same malicious code. It means that they employ similar distribution methods, and they exhibit similar behavioral patterns. However, we cannot apply the same decryption tool across different infections, and that is unfortunate. Although there is a bigger chance that a public decryption tool will be available for Basecrypt@aol.com Ransomware, seeing how it comes from a prominent ransomware family.
Upon the installation, this program scans the affected system. This way, it locates all the files it is coded to encrypt. You can be sure that most of the files in the %USERPROFILE% directory will be affected by the encryption. The affected files will also have an additional extension added to their filenames. This extension will contain the infection ID that is different for every single affected user. You will also see the same ID in the ransom note that Basecrypt@aol.com Ransomware drops on your Desktop. Supposedly, you need to use that ID when you contact the criminals. Here’s what they say about it:
All FILES ENCRYPTED "RSA1024"
All YOUR FILES HAVE BEEN ENCRYPTED!!! IF YOU WANT TO RESTORE THEM, WRITE US TO THE E-MAIL basecrypt@aol.com
IN THE LETTER WRITE YOUR ID, YOUR ID B4500913
IF YOU ARE NOT ANSWERED, WRITE TO EMAIL:basecrypt@aol.com
YOUR SECRET KEY WILL BE STORED ON A SERVER 7 DAYS, AFTER 7 DAYS IT MAY BE OVERWRITTEN BY OTHER KEYS, DON'T PULL TIME, WAITING YOUR EMAIL
Unfortunately, we don’t know how much the people behind Basecrypt@aol.com Ransomware expect to receive from you for the decryption key. But when the ransom amount is not indicated, it is very easy for these criminals to ask users for different amounts.
Again, you should NEVER pay the ransom. Just remove Basecrypt@aol.com Ransomware from your computer, and then invest in a legitimate security tool that would protect your system from harm. As for your files, if you have copies of your data saved on a cloud drive or an external hard drive, you can simply switch the encrypted files with the healthy ones. We do realize that not everyone is that lucky, but if you go through all of your options, we’re sure you will find some ways to get at least some of your files back.
How to Remove Basecrypt@aol.com Ransomware
- Press Win+E to open Windows Explorer.
- Enter the following directories in the address bar and remove the Info.hta file from them:
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\
%ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs\Startup\
%WINDIR%\System32\
%APPDATA%\ - Press Win+R and the Run prompt will open.
- Type regedit into the Open box and click OK.
- On the right side, delete the values with the Info.hta file in its path from this key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run - In the same key, find a random EXE file value and delete it.
- Remove the same random EXE file from these directories:
%WINDIR%\System32\
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\
%ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs\Startup\ - Use SpyHunter to run a full system scan.
In non-techie terms:
Basecrypt@aol.com Ransomware might not seem like a very dangerous infection, but this program can easily encrypt your files, thus blocking you from accessing your data. Please do yourself a favor and remove Basecrypt@aol.com Ransomware from your computer as soon as possible. Also, you have to employ multiple security measures to protect yourself and your information from a ransomware infection in the future. Should you have more questions, feel free to leave us a comment.