Rodentia Ransomware Removal Guide

Do you know what Rodentia Ransomware is?

Rodentia Ransomware shows a message saying: “Every hour some files will be deleted, bye bye, sayonara, adios.” Unfortunately, it looks like this could be true since it seems the malware comes from Jigsaw Ransomware family, and threats from it often erase victims’ data. To stop this process, the cybercriminals behind this threat demand to pay a ransom. Even though the sum is not large, we do not advise paying it if you do not want to risk losing it in vain. Also, we should mention that the malicious application’s warning may claim your files have been encrypted too, but our cybersecurity specialists say they did not notice the malware encrypting any data. Therefore, there might be no need to pay a ransom if your system gets infected with this malware. Instead, we advise eliminating it before it starts erasing your files. The removal guide placed below show how to get rid of Rodentia Ransomware manually, but it might be easier and safer to use a reliable antimalware tool.

It should be explained that Rodentia Ransomware could be distributed with various data one could receive or download while browsing. For instance, the malware could be traveling with email attachments. Therefore, we strongly recommend keeping away from attachments or links that come with Spam emails or from people you do not know. Besides, our computer security specialists advise against visiting P2P file-sharing web page and websites alike that may contain malicious installers, advertisements, etc. If you do obtain data from untrustworthy sources and wish to launch it, it would be best to scan it with an antimalware tool first. The scan might take a couple of moments, and once it is done, you will know whether it is safe or not to open suspicious files. On the other hand, if you accidentally launch malicious data, it might install threats on your computer without you being able to do anything about it to even noticing it.Rodentia Ransomware Removal GuideRodentia Ransomware screenshot
Scroll down for full removal instructions

Our researchers say it looks like Rodentia Ransomware was programmed to encrypt files and add .fucked extension to them and yet it did not do so while we were researching it. As mentioned at the beginning of the article, the malicious application opened a warning containing a ransom note. In it, hackers responsible for the malicious application demand to pay a ransom in 24 hours or else they claim they will start deleting user’s files. It is said that the more time passes the more files will get erased until there is nothing left. To stop this, the threat’s creators demand a payment of 20 US dollars that should be paid in Bitcoins. Needless to say, doing so could end up hazardously, and if your files were not encrypted, you should not waste your money and time. Instead, you could erase Rodentia Ransomware before 24 hours passes so it would not delete any files.

Deleting the malware manually is possible, although it could be difficult for some users. If you are not sure whether you can do it or not, we recommend checking the removal guide placed below. It shows how to locate the malicious application’s file and how to erase them step by step. If you do not think you can remove it yourself, we advise getting a reputable antimalware tool that could do all the work for you.

Erase Rodentia Ransomware

  1. Press Ctrl+Alt+Delete.
  2. Pick Task Manager and check the Processes tab.
  3. Locate a process belonging to the malware.
  4. Choose the process and click End Task.
  5. Exit Task Manager.
  6. Click Windows Key+E.
  7. Navigate to the suggested paths:
    %TEMP%
    %USERPROFILE%Desktop
    %USERPROFILE%Downloads
  8. Find a file opened when the device got infected, right-click the malicious file, and select Delete.
  9. Find these paths:
    %LOCALAPPDATA%\Drpbx
    %USERPROFILE%\Local Settings\Application Data\Drpbx
  10. Find files named Drpbx.exe.
  11. Right-click these files and choose Delete; do the same to Drpbx folders.
  12. Navigate to: %APPDATA%\Frfx
  13. Look for a file titled firefox.exe.
  14. Right-click them and choose Delete; do the same to Frfx folder.
  15. Locate this particular path: %APPDATA%
  16. Search for a folder called System32Work, right-click it, and select Delete.
  17. Exit File Explorer.
  18. Press Windows Key+R, type Regedit and choose OK.
  19. Navigate to this path: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
  20. Look for a value name related to firefox.exe file that you erased from %APPDATA%\Frfx
  21. Right-click the malicious value name and press Delete.
  22. Close the Registry Editor.
  23. Empty Recycle bin.
  24. Restart the computer.

In non-techie terms:

Rodentia Ransomware is a new variant of Jigsaw Ransomware that might be able to erase user’s data. In fact, the malicious application ought to encrypt user’s private files too, but the variant we tested did not encipher any files. Nonetheless, it showed a warning in which the threat’s developers demand to pay around 20 US dollars to decrypt files and stop their deletion. If your system gets infected with this malware, we advise not to panic or rush into anything. First, you should check if your files were encrypted. In case they were, you will be unable to launch them as your computer should say it cannot read such data. Provided you do not need to decrypt your files, we advise not to waste any time and erase Rodentia Ransomware before it starts deleting your data. To eliminate it manually, you should follow the removal guide available above this paragraph. To inexperienced who may find the instructions difficult to follow, we advise employing a reputable antimalware tool instead that could erase the threat for them.