Faizal Ransomware Removal Guide

Do you know what Faizal Ransomware is?

Faizal Ransomware is a computer infection targeting Indonesian-speaking computer users. Although it is based on the source code of Hidden Tear, an open-source ransomware infection created for educational purposes, it seems that it has been developed by amateurs because it is far from sophisticated ransomware-type threats our team of experienced specialists encounters from time to time. It might not even work very well. Either way, Faizal Ransomware is still a dangerous infection because it enters your computer with the intention of locking the personal data. All ransomware infections share the same goal – they seek to extract money from users. They know that people are not going to let go of their money easily, so these infections give them the reason to pay money. Users are told that they will get the key to decrypt their files only if they pay a ransom. You are the one who can make a final decision, but you should first try other decryption methods before going to make a payment to cyber criminals behind Faizal Ransomware. If none of your important files have been encrypted, it would be smart to leave them as they are and just remove Faizal Ransomware from the system so that it could not strike again.

No matter you live in Indonesia or somewhere on the other side of the world, your files will all be encrypted right after the entrance of Faizal Ransomware. It targets the most valuable files, so there is basically no doubt that you will find your images, documents, videos, and music files all encrypted. It will become clear immediately which of the files stored on the computer have been encrypted by Faizal Ransomware – they will get a new filename extension .gembok. The old one will not disappear too, so you will definitely notice them. To tell users what has happened to their files and how they can change that, this malicious application drops a file PENTING !!!.Htm on Desktop. It is a ransom note of Faizal Ransomware. It tells users in Indonesian that their files and documents have been locked, and they could gain access to those files only if they send a code of a voucher worth of Rp 100.000. This code needs to be sent to leprogrames777@gmail.com. Users should receive an answer with a decryption key from this email too, but, as you already know, there are no guarantees that cyber criminals will really send the tool to users. Before you send the voucher code, you should try out all alternative decryption methods. For example, if you have ever backed up your files, you might be able to recover the encrypted data from a backup.

Needless to say, users do not download and install Faizal Ransomware willingly on their computers. As research carried out by our experienced specialists has shown, people are usually tricked into doing that. For example, they might allow this ransomware infection to enter their computers by clicking on the Download button to get useful software from a third-party website. Additionally, cyber criminals might employ the good old method to spread this threat – they might use spam emails. The malicious file travels in the place of an email attachment, and, of course, it goes without saying that users are not told about that. They do not always understand that they have allowed malware to enter their computers after opening a malicious spam email attachment too. Of course, without a doubt, they notice a bunch of encrypted files soon.

You cannot crack the AES encryption used by Faizal Ransomware easily and thus decrypt your files, but you can uninstall this ransomware infection from your PC quite easily. Your one and only job is to find a malicious file downloaded recently and then remove it. Instructions provided below this article should help you, but if you cannot find a suspicious file anywhere, scan your computer with an automatic malware remover.

Delete Faizal Ransomware

  1. Open the Windows Explorer (tap Win+E).
  2. Type %USERPROFILE%\Downloads at the top and look for a suspicious file.
  3. Delete it.
  4. Check %USERPROFILE%\Desktop and remove suspicious files too.
  5. Clean the Trash bin.

In non-techie terms:

It does not mean that your computer is perfectly clean now if you have managed to delete Faizal Ransomware from your system manually. Other infections could have entered the system together with it too. Threats which have been actively working on your computer for a long time might be present too – they might be responsible for the entrance of Faizal Ransomware. It is not an easy task to find and erase all those infections manually, so the full system scan with a reputable tool is highly recommended.