SepSys Ransomware Removal Guide

Do you know what SepSys Ransomware is?

SepSys Ransomware is clearly a very dangerous computer infection that no one wants to deal with firsthand. Ransomware infections are unforgiving: it is very often impossible to restore the affected files. Even if you pay the ransom fee, there is no guarantee that you would receive the necessary decryption key. Hence, it is important to focus on malware removal.

It is possible to remove SepSys Ransomware manually, although it would be a better idea to invest in a security tool that would delete the infection for you. Please refer to the guidelines below for manual ransomware removal.

As far as the origins of this infection are concerned, SepSys Ransomware is slightly different from the batch of recently discussed programs. It doesn’t belong to the notorious STOP Ransomware or Crysis/Dharma Ransomware families. However, it doesn’t mean that SepSys Ransomware is much different from such programs as BTOS Ransomware or NCOV Ransomware. After all, ransomware programs usually employ the same distribution methods, and they tend to come via spam email attachments. It is actually a rather old malware distribution method, but it clearly still works.

It means that users get tricked into opening spam emails with attached files. These emails might look like business messages, online shopping invoices, or some financial reports. If you are used to dealing with multiple attachments every single day, you might not even question something that looks like a regular PDF file or an Excel file. However, you would most certainly do yourself a favor if you scanned those received files with a security tool of your choice. If the security tool says that the file is dangerous, you need to remove it at once, and then delete the email, too.

In fact, it’s not just about spam emails. You should stay away from file-sharing websites and other pages that might be associated with illegal program sharing. You might think that you are downloading a new game or some important program, but it could be a malware installer, and then all of your plans would go down the drain.

When SepSys Ransomware enters your system, the program scans the entire hard drive looking for the files it can encrypt. Encryption starts almost immediately, and the program adds a new extension to all the affected files. The extension is “.sepsys,” and with that, you can easily see which files were affected by the program.

Aside from locking up your files, the program also drops the README.html file in the %PROGRAMDATA% directory. This file runs automatically the moment the encryption is complete. As you can probably guess, it contains the ransom note. Here’s part of what the ransom note has to say:

ATTENTION! Your computer has been infected by sepSys!
Your files have been encrypted with a random key and no decryption tool can save them
To regain access to your files, please make a $100 donation to Silicon Venom
We only accept payments in Bitcoin (BTC).
<…>
Once you have paid, contact us at iaminfected.sac@elude.in to receive your unique password and instructions on how to use it.

As you can see, the ransom fee or the “donation” as they call it, isn’t that high. But it doesn’t mean you should pay it in the first place. As we have already mentioned before, there is no guarantee that these people would decrypt your files. Also, by paying, you would only encourage them to create more malware.

The best way to retrieve your files is to transfer them back onto your hard drive from a file backup. Of course, you need to have a file backup in the first place. It could be an external hard drive or a cloud drive. If you don’t have one, you might be able to retrieve the latest files from some cloud drive at work, your mail inbox, or your mobile device. If you feel at your wits’ end, consult a professional, who can give you more file recovery options.

As for SepSys Ransomware, you need to remove it immediately. Again, if you do not want to do it manually, get yourself a powerful security application that will terminate this infection for good.

How to Remove SepSys Ransomware

  1. Remove the most recent files from Desktop.
  2. Remove the most recent files from Downloads.
  3. Press Win+R and type %TEMP%. Click OK.
  4. Remove the most recent files from the directory.
  5. Press Win+R and type %PROGRAMDATA%. Click OK.
  6. Delete the README.html file.
  7. Press Win+R again and type regedit. Click OK.
  8. Open HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run.
  9. On the right side, right-click and delete the Service value.
  10. Scan your computer with the SpyHunter free scanner.
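Before deleting anything, it helps to see what the steps above will touch. The following read-only PowerShell check is an added example, not part of the original guide; the `$RecentDays` parameter and its 7-day default are assumptions about what "most recent" means.

```powershell
# Read-only triage for the SepSys indicators named in this guide.
# Nothing is deleted; review the output, then follow the manual steps.
param(
    [int]$RecentDays = 7   # assumption: how far back "most recent" reaches
)
$cutoff = (Get-Date).AddDays(-$RecentDays)

# Ransom note dropped in %PROGRAMDATA% (step 6)
$notePath = Join-Path $env:ProgramData 'README.html'
$note = if (Test-Path -LiteralPath $notePath) { Get-Item -LiteralPath $notePath }

# "Service" value under the current user's Run key (steps 8-9).
# Its data is the command Windows launches at sign-in.
$runKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$run = Get-ItemProperty -Path $runKey -Name 'Service' -ErrorAction SilentlyContinue

# Recently written files in the folders from steps 1-4,
# excluding already-encrypted .sepsys files
$folders = @(
    [Environment]::GetFolderPath('Desktop'),
    (Join-Path $env:USERPROFILE 'Downloads'),
    $env:TEMP
)
$recent = @(foreach ($folder in $folders) {
    Get-ChildItem -LiteralPath $folder -File -ErrorAction SilentlyContinue |
        Where-Object { $_.LastWriteTime -gt $cutoff -and $_.Extension -ne '.sepsys' }
})

# Files carrying the ".sepsys" extension under the user profile
$encrypted = @(Get-ChildItem -LiteralPath $env:USERPROFILE -Recurse -File `
    -Filter '*.sepsys' -ErrorAction SilentlyContinue)

[pscustomobject]@{
    RansomNotePresent = [bool]$note
    RansomNoteWritten = if ($note) { $note.LastWriteTime }
    RunServiceCommand = if ($run) { $run.Service }
    RecentFileCount   = $recent.Count
    EncryptedCount    = $encrypted.Count
} | Format-List

# Candidates for manual review, newest first
$recent | Sort-Object LastWriteTime -Descending |
    Select-Object LastWriteTime, Length, FullName | Format-Table -AutoSize
```

If `RunServiceCommand` is populated, note the file path it points to before deleting the value, so that file can be checked as well.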

In non-techie terms:

SepSys Ransomware is a dangerous infection that can block you from accessing your files. This program wants you to pay $100 for the file recovery. Please keep your money to yourself and remove SepSys Ransomware right now. There might be other file recovery options, and for that, you need to consult a professional. Not to mention that paying the ransom might not even work, so you should not fall for that trap. It’s better to use that money to invest in a licensed security application.