Grand_car@aol.com Ransomware

The 'Grand_car@aol.com' Ransomware is a variant of the infamous Crysis ransomware infection, a threat that first appeared in March 2016. Like most ransomware Trojans, the 'Grand_car@aol.com' Ransomware is designed to take over the victim's computer, encrypt the victim's files and demand the payment of a ransom in exchange for a decryption key. The 'Grand_car@aol.com' Ransomware represents a severe threat to computer users. Because of this, steps should be taken to ensure that you and your computer are protected from the 'Grand_car@aol.com' Ransomware and other ransomware Trojan attacks. The best two measures you can take to make yourself safe from the 'Grand_car@aol.com' Ransomware and its variants are to ensure that all of your files are properly backed up on an external device and that a security program that is fully up-to-date is installed on your computer.

How the 'Grand_car@aol.com' Ransomware Infection Works

The 'Grand_car@aol.com' Ransomware uses the AES-128 encryption to encrypt the victim's files, making them inaccessible. Once the victim's files have been encrypted successfully, the 'Grand_car@aol.com' Ransomware demands that the victim pays a large amount of money to provide the decryption key necessary for removing the encryption from the affected files. To alert the victim of the attack, the 'Grand_car@aol.com' Ransomware drops ransom notes that take the form of text files. The 'Grand_car@aol.com' Ransomware may be distributed through corrupted email attachments. The 'Grand_car@aol.com' Ransomware variants are being distributed on P2P (Peer-to-Peer) file sharing networks that may be included in popular torrents.

The 'Grand_car@aol.com' Ransomware Attacks Your Most Cherished Files

When the 'Grand_car@aol.com' Ransomware is installed, it searches the victim's hard drives for files with certain file extensions and then encrypts them using its strong encryption algorithm. The 'Grand_car@aol.com' Ransomware will encrypt the following file types:

.odc, .odm, .odp, .ods, .odt, .docm, .docx, .doc, .odb, .mp4, sql, .7z, .m4a, .rar, .wma, .gdb, .tax, .pkpass, .bc6, .bc7, .avi, .wmv, .csv, .d3dbsp, .zip, .sie, .sum, .ibank, .t13, .t12, .qdf, .bkp, .qic, .bkf, .sidn, .sidd, .mddata, .itl, .itdb, .icxs, .hvpl, .hplg, .hkdb, .mdbackup, .syncdb, .gho, .cas, .svg, .map, .wmo, .itm, .sb, .fos, .mov, .vdf, .ztmp, .sis, .sid, .ncf, .menu, .layout, .dmp, .blob, .esm, .vcf, .vtf, .dazip, .fpk, .mlx, .kf, .iwd, .vpk, .tor, .psk, .rim, .w3x, .fsh, .ntl, .arch00, .lvl, .snx, .cfr, .ff, .vpp_pc, .lrf, .m2, .mcmeta, .vfs0, .mpqge, .kdb, .db0, .dba, .rofl, .hkx, .bar, .upk, .das, .iwi, .litemod, .asset, .forge, .ltx, .bsa, .apk, .re4, .sav, .lbf, .slm, .bik, .epk, .rgss3a, .pak, .big, wallet, .wotreplay, .xxx, .desc, .py, .m3u, .flv, .js, .css, .rb, .png, .jpeg, .txt, .p7c, .p7b, .p12, .pfx, .pem, .crt, .cer, .der, .x3f, .srw, .pef, .ptx, .r3d, .rw2, .rwl, .raw, .raf, .orf, .nrw, .mrwref, .mef, .erf, .kdc, .dcr, .cr2, .crw, .bay, .sr2, .srf, .arw, .3fr, .dng, .jpe, .jpg, .cdr, .indd, .ai, .eps, .pdf, .pdd, .psd, .dbf, .mdf, .wb2, .rtf, .wpd, .dxg, .xf, .dwg, .pst, .accdb, .mdb, .pptm, .pptx, .ppt, .xlk, .xlsb, .xlsm, .xlsx, .xls, .wps.

The 'Grand_car@aol.com' Ransomware drops a text file containing its ransom note in each directory where it encrypted the victim's files. The ransom note will look very similar to the one below:

Attention! Your computer was attacked by virus-encoder.
All your files are encrypted cryptographically strong, without the original key recover is impossible! To get the decoder and the original key, you need to to write us at the email: the 'Grand_car@aol.com' with subject "encryption" stating your id.
Write in the case, do not waste your and our time on empty threats.
Responses to letters only appropriate people are not adequate ignore.
P.S. only in case you do not receive a response from the first email address within 48 hours please use this alternative email goldman0@india.com.