Quakeway Ransomware Removal Guide

Do you know what Quakeway Ransomware is?

Quakeway Ransomware may infiltrate your system and pretend that it has encrypted your precious files. However, this malware infection does not really look like a real ransomware program. Our researchers say that this infection does not even seem to want to extort any money from you for the decryption key. It is another thing that this ransomware may not even encrypt your files. There could be a number of reasons for that. It is possible that the Command and Control server has been shut down, the malicious program is not finished, or any other technical reason. Although these crooks ask for no money, they want you to contact them by sending an e-mail in order for you to get the decryption key. However, we do not advise you to do that at all because these cyber criminals might send you a fake security program or other disguised malware infections. We recommend that you do not hesitate and remove Quakeway Ransomware immediately from your PC.

If you find out that this ransomware program has hit you, it is possible that you have recently opened a spam e-mail and launched its attachment. This ransomware may be disguised as a text document or image attached to a spam e-mail. You may believe that your spam filter can do a good job and weed out all the dangerous mails. However, the truth is that sometimes even authentic mails end up in your spam folder. Thus, it is quite likely that you would check this folder from time to time whether important mails have landed there. This is exactly what these criminals count on. Therefore, this spam has to look legitimate and relating to matters that you would definitely not ignore. These subjects are usually about an invoice you have allegedly forgotten to settle, a bank notification about suspicious transactions on your account, wrong credit card or banking details given while shopping online or booking something, and the like. It is quite likely that you would not delete such a mail right away without checking out its content. However, remember that once you save the attached file and run it, you activate this attack. You can only delete Quakeway Ransomware without losing your files because it may not take them hostage this time.

If your browsers and Java and Adobe Flash drivers are not often updated, you may also infect your system with this ransomware program if you get redirected to a malicious webpage that is armed with Exploit Kits. Landing on such a page means direct and immediate infection as soon as the page loads in your browser. All you need to do is click on an unsafe third-party ad or link and you could open a new tab or a new browser window with such a malicious page in it and there you go. You can avoid such attacks by always keeping your browsers and drivers up-to-date. Finally, it is also possible that you click on a misleading third-party advertisement that seems to be a download pop-up. You need to know that these pop-up ads are mostly bogus downloads that can severely damage your computer since you can easily drop a properly working ransomware, too, and lose all your files. No matter how you managed to infect your system, we recommend that you remove Quakeway Ransomware right now.

We cannot confirm what type of encryption algorithm this ransomware used to use to encrypt victims’ files since it does not seem to work anymore. It is likely though that it used to apply the AES-256 algorithm, which is used by most of the ransomware threats out there. This infection appends a “.org” extension to your encrypted files if or when it works. This malicious program drops a text file called “__iWasHere.txt” on your system that is indeed the ransom note. This note tells you in broken English that your files have been encrypted and in order for you to be able to restore normal operations on your computer, you have to send an e-mail to “quakeway@mail.ru”, which helps us understand more about the bad English in this note; the Russian e-mail address that is. This malicious attack definitely tells you that your system security requires some upgrade and you may consider saving backups from now on. All in all, we suggest that you remove Quakeway Ransomware from your system ASAP.

Finally, we can share with you the solution. In fact, it is not even that difficult to eliminate this ransomware since it does not block or lock anything on your system. So all you have to do is identify the related files and delete them all. Please follow our instructions below this article if you want to tackle this threat alone. However, if you want effective and automated protection that could safeguard your PC from future attacks, we recommend that you install a trustworthy anti-malware program like SpyHunter. Should you have any problems with regard to the removal of Quakeway Ransomware, please let us know by leaving a comment below.

Remove Quakeway Ransomware from Windows

  1. Tap Win+E and identify the malicious file you saved from the spam or in other ways.
  2. Bin this suspicious file and any other you may find in your download directory.
  3. Delete “__iWasHere.txt”, the ransom note. (It could be on your desktop.)
  4. Empty the Recycle Bin and reboot your system.

In non-techie terms:

Quakeway Ransomware is probably one of the least dangerous ransomware programs that is not even a real ransomware. In fact, its creators claim that it is not a ransomware since they do not want your money. Supposedly, these criminals only care about your safety and ask you to upgrade your security so that no such attacks can harm you in the future. How noble, right? Well, we do not believe that this is the right way to raise awareness about malicious attacks. Our researchers noticed that this ransomware may not even do any encryption any longer even if it used to take place. So all you need to do is remove Quakeway Ransomware right now because it could be dangerous to leave such a threat on your system. If you need a powerful tool to protect your PC, you can always install a decent anti-malware program.