Home / Spyware Help / Sorryforthis Ransomware Removal Guide

Sorryforthis Ransomware Removal Guide

by 0 Comments

Do you know what Sorryforthis Ransomware is?

Some time ago, we researched a threat called Noblis Ransomware that was still in development, and today, we are discussing another infection based on it that is called Sorryforthis Ransomware. Same as the malware it was based on, the malicious application encrypts files and shows a red pop-up window with a picture of a black lock. The window should also contain a text displayed in a white background. In short, it explains that all your files became encrypted and can only be restored with a unique decryption key purchased from the threat’s developers. Needless to say that the hackers may not send the promised decryption key even if you pay the ransom. Thus, putting up with their demands is risky and could make things even worse. If you do not like taking chances, you may want to delete Sorryforthis Ransomware instead of putting up with the hackers’ demands. In such a case, we can offer our removal guide available below this report.

If you came to learn more about Sorryforthis Ransomware, you should read our full report. The first thing we wish to discuss is where it might come from. Most of the ransomware applications are spread through Spam emails, malicious file-sharing websites, or other untrustworthy channels alike. Also, some of them are capable of entering a system by exploiting its weaknesses, for example, outdated software, unsecured RDP connections, and so on. Consequently, we advise not only to keep away from files that might be coming from unreliable sources, but also to make sure that your computer has no vulnerabilities. Also, it is highly recommendable to keep a reputable antimalware tool. A reliable security tool can guard your system against various threats, and you could use it to scan suspicious data before opening it to make sure it is safe to do so.Sorryforthis Ransomware Removal GuideSorryforthis Ransomware screenshot
Scroll down for full removal instructions

After entering a system, Sorryforthis Ransomware should encrypt private files, such as pictures, photos, various documents, and so on. Once encrypted, they should all receive a second extension called .sorryforthis, for example, cat.jpg.sorryforthis. Next, the malicious application ought to display a pop-up window that we described at the beginning of this article. It might demand you to pay a ransom of 0.08134 Bitcoins or a similar sum. Also, their ransom note should stress that the payment has to be made in 24 hours. If not, hackers may threaten to erase encrypted files permanently. As said earlier, paying a ransom could end up hazardously as hackers might not deliver the promised decryption key. As a result, you would lose the money you transferred, and your files would be still encrypted. If you do not want to risk this happening, we advise not to pay the ransom and eliminate Sorryforthis Ransomware.

To erase Sorryforthis Ransomware manually, you should follow our removal guide available below this paragraph. If the process seems complicated or you want to scan your system and check if there are no other threats, we recommend installing a reputable antimalware tool. Scan your computer with it, and after the scan, you should be able to remove Sorryforthis Ransomware as well as other possible threats by pressing the tool’s displayed deletion button.

Eliminate Sorryforthis Ransomware

  1. Close the malware’s window.
  2. Press Ctrl+Alt+Delete.
  3. Pick Task Manager and check the Processes tab.
  4. Locate a process belonging to the malware.
  5. Choose the process and click End Task.
  6. Exit Task Manager.
  7. Click Windows Key+E.
  8. Navigate to the suggested paths:
    %TEMP%
    %USERPROFILE%Desktop
    %USERPROFILE%Downloads
  9. Find a recently downloaded suspicious file that is likely to be the malware’s source.
  10. Then right-click the malicious file and select Delete.
  11. Exit File Explorer.
  12. Empty Recycle bin.
  13. Restart the computer.

In non-techie terms:

Sorryforthis Ransomware is a threat that encrypts files and shows a ransom note. Usually, encrypted data can only be decrypted with a decryptor and a unique decryption key. In this case, victims only need a key because it looks like the malware’s window might work as a decryptor itself. However, the hackers behind the malicious application ask for a payment in exchange for a decryption key. The worst part is that there are no guarantees that they will still have the needed key once the payment is made or that they will bother to send it. Therefore, for those who do not want to risk losing their money, we recommend against paying the ransom. Keep in mind that some or all of your files could be replaced with backup copies if you have them somewhere on cloud storage or removable media devices. In such a case, all that might be left to do is eliminate Sorryforthis Ransomware and start transferring the backup copies. To delete the threat manually, you could use the removal guide available above. If you prefer using security tools, we recommend employing a reputable antimalware tool instead.