Home / Spyware Help / Silenced Ransomware Removal Guide

Silenced Ransomware Removal Guide

by 0 Comments

Do you know what Silenced Ransomware is?

Silenced Ransomware looks like a test version of a malicious file-encrypting application. Therefore, it is likely that once its developers finish it, the malware might be renamed. Further, in the text, we discuss how the threat works and what it is capable of for now. Also, if you keep reading our article, you can learn how the malicious program might be spread once it gets finished as well as how to erase Silenced Ransomware if you encounter it. For detailed step-by-step instructions showing how to eliminate this particular version, we recommend checking the removal guide available at the end of this article. Of course, if you have any questions about the malware or need more help with its deletion, you could leave us a message at the end of this page.

The first thing we wish to discuss about Silenced Ransomware is its possible distribution channels. Most of the malicious applications similar to it travel with questionable emails attachments, malicious software installers, fake updates, and data alike. It might be enough to launch a file or a link carrying the malware, and the system could get infected. The worst part is that the user may not realize his system got infected until the encryption process is over since it is often performed silently in the background. Therefore, if you do not want to lose your files or endanger your system and privacy, you should always scan suspicious data with a reputable antimalware tool. You should do this with all data that comes from unreliable sources and with all files that you are not sure you can trust.Silenced Ransomware Removal GuideSilenced Ransomware screenshot
Scroll down for full removal instructions

The test version of Silenced Ransomware seems to be targeting files in the following %USERPROFILE%\ subfolders: Desktop, Music, Pictures, Pictures, and Documents. If its creators wish, they could add more directories for the malware to encrypt, so it is possible the finished version could ruin more data. The encrypted files become unreadable and cannot be opened again without a unique decryption key that gets generated during the encryption process, and a unique decryption tool. For now, the sample we tested marked such files with .try extension, which could be changed with any other words or random characters. Another thing we noticed was that the malware adds a copy of itself in the %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup location and creates a Registry entry related to it. This should make an infected device relaunch Silenced Ransomware after each system restart.

Lastly, the malicious application ought to show a ransom note. Sometimes such messages appear on a text document or, as in this case, on a picture displayed on a victim’s screen. Silenced Ransomware’s note starts with: “This computer has been hacked.” Then it explains that the malware encrypted personal files and users who wish to get them back have to pay for decryption. The mentioned sum is 0.05 BTC, which currently is about 500 US dollars. As you probably realize there are no guarantees the malicious application’s developers will provide you with the needed decryption means even if you pay what they ask for.

For those who do not want to risk their money, we recommend ignoring the malware’s note and erasing Silenced Ransomware. Once it is gone, you could restore files from backup copies if you have any. To delete it manually, you could follow the instructions available below. However, keep in mind that while they ought to work for this version of the threat, they might be useless if the malicious application gets upgraded. Thus, it might be safest to employ a reputable antimalware tool that could remove Silenced Ransomware for you.

Erase Silenced Ransomware

  1. Restart your computer in Safe Mode with Networking.
  2. Click Windows Key+E.
  3. Navigate to the suggested paths:
    %TEMP%
    %USERPROFILE%Desktop
    %USERPROFILE%Downloads
  4. Find a file opened when the device got infected, right-click the malicious file and select Delete.
  5. Find this path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
  6. Find a malicious .exe file that could be named windows update.exe.
  7. Right-click the malicious .exe file and choose Delete.
  8. Exit File Explorer.
  9. Press Windows Key+R, type Regedit and choose OK.
  10. Navigate to this path: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
  11. Look for a value name that could be related to the malicious application, for example, windows update.
  12. Right-click the malware’s value name and press Delete.
  13. Close the Registry Editor.
  14. Empty Recycle bin.
  15. Restart the computer.

In non-techie terms:

Silenced Ransomware is a file-encrypting threat that appears to be still in the development stage. It means the malware is probably not yet finished and its developers could always add more features to it before they are done with testing it. Usually, such threats receive new names before hackers start spreading them to targeted victims. Just as other similar malicious applications, this version encrypts user’s files and displays a ransom note asking to pay for decryption. We always recommend against paying cybercriminals since there are never guarantees that they will deliver the promised tools. Instead, we advise users to look for backup copies they could use to replace encrypted files. Naturally, before transferring any data, it is vital to erase Silenced Ransomware since it can restart with a system and encrypt files it did not encipher yet. To delete it you can either try the removal guide available above or employ a reputable antimalware tool of your choice.