Bass-fes Ransomware Removal Guide

Do you know what Bass-fes Ransomware is?

Bass-fes Ransomware may crawl onto your system without your noticing it and encrypt all your important files in no time. While this all sounds like a nightmare, our researchers believe that, in this case, you might even be able to recover your files without paying the huge ransom fee that almost reaches 10 thousand dollars this time. Since this malware program is a new variant based on the well-known Hidden Tear Ransomware, an open-source IT security project, it is quite possible that the existing decryption tools designed to decrypt its variants can also work for this new threat. Unfortunately, we cannot confirm this as yet. Hopefully, you have a backup of your most important files in cloud storage or on a removable hard disk, which you can use now to replace the encrypted files. But before you rush to copy your clean files back onto your hard disk, you should remove Bass-fes Ransomware from your PC immediately.

The most likely way for you to let this malware infection on board is by opening a spam e-mail. In fact, it is not enough to open this e-mail this time, although there are sophisticated threats that can trigger malicious scripts and infect you right away, you also need to save and run the attached file. Sometimes this malicious executable file is presented as a link to a file storage place in the body of the spam mail. When it appears as an attachment, it can look like a document, an image, a video, or even an archive. Once you click to execute this attachment, you may not realize right away that something is off. It may take some time for you to process that the document or image you are looking at is fake or not relating to you at all, or simply does not make any sense. However, by that time this infection will have encrypted all your important files so removing Bass-fes Ransomware will come at a price: You may lose all your files. This is why you need to be more alert when it comes to opening mails. Even if this time you may get lucky and you may be able to decrypt your files using an existing free tool, you may not be able to do so next time. Unfortunately, it is not always possible to decrypt all the files rendered unusable by ransomware threats.Bass-fes Ransomware Removal GuideBass-fes Ransomware screenshot
Scroll down for full removal instructions

This malware infection applies the AES encryption algorithm to encode your files, including your photos, videos, audios, documents, databases, and more. However, this threat only targets your default media folders, such as "%USERPROFILE%\Desktop," "%USERPROFILE%\Downloads," "%USERPROFILE%\Documents," "%USERPROFILE%\Pictures," "%USERPROFILE%\Music," and "%USERPROFILE%\Videos." So if you do not keep your files in these folders and their subfolders, you may just saved your files from encryption. The ransom note file is called "BASS File Encryption Service Notice.txt" and it is placed on your desktop.

This ransom note instructs you to transfer as much as 1 Bitcoin (around 9,821 USD at the time of writing) to "18Cgi9ADqH9NsG6zqW2xEh7w16dQM6Rvix" Bitcoin wallet address. After you make the transfer, you have to send an e-mail to "" along with your Bitcoin address. The problem is that you have no guarantee that these crooks will really send you the decryption key. Therefore, we advise you to delete Bass-fes Ransomware right now.

We have prepared and easy-to-follow guide for you below, which you can use to eliminate this threat. We need to warn you that this may be the most dangerous threat on your computer right now but possibly not the only one. Thus, you need to make sure that there is no infection left on board if you want to safely use your computer. You can try to manually identify all possible threats but we believe this is much more effective if you use a reliable anti-malware program like SpyHunter that can also automatically protect your PC against all known malware infections and potential threats.

Remove Bass-fes Ransomware from Windows

  1. Tap Win+E.
  2. Remove the malicious executable file that you have recently saved.
  3. Search your download folders for other possibly malicious files and delete them all.
  4. Delete the ransom note ("ASS File Encryption Service Notice.txt") from your desktop.
  5. Empty the Recycle Bin.
  6. Restart your computer.

In non-techie terms:

Bass-fes Ransomware can be a dangerous threat to your precious personal and media files because it can encrypt them in a very short time after sneaking onto your system. However, our researchers have found that this new threat is indeed a more or less identical copy of the good old Hidden Tear open-source ransomware. This means that since there may not be too many changes, you may be able to use a Hidden Tear decryption tool to restore your files. We do not claim that it is without risks to download and use such a tool; therefore, we advise you to find a friend or an IT professional who can help you with this. Yet, we cannot say that this will certainly recover all your files. It is best to have a backup that you can use now but only after you remove Bass-fes Ransomware from your system. If you would like to have perfect protection in your virtual world, you should install a reliable anti-malware program as soon as possible.