Manifestus Ransomware

The Manifestus Ransomware is a ransomware Trojan that has been associated with several variants in December 2016. The Manifestus Ransomware uses a lock screen that attempts to trick computer users into believing that their files have been encrypted by an encryption ransomware Trojan. The Manifestus Ransomware demands a payment of 0.3 BitCoin (approximately $240 USD) to 'decrypt' the victim's files. However, the Manifestus Ransomware does not have the capacity to encrypt files or carry out these attacks. It is clear that the Manifestus Ransomware threat is poorly implemented and the work of amateurs. The Manifestus Ransomware may be delivered through corrupted spam email attachments or attack websites that use exploit kits to deliver threats to the victims' computers.

The Tricks Used by the Manifestus Ransomware to Block a Computer

The Manifestus Ransomware changes how Windows starts up to display a lock screen and prevent computer users from accessing their computers. As soon as Windows starts up, the Manifestus Ransomware displays the following lock screen, blocking access to keyboard shortcuts and Windows services that can be used to bypass these attacks:

'I want to play a game with you. Let me explain the rules:
Your personal files are being deleted. Your photos, videos, documents, etc...
But, don't worry! It will only happen if you don't comply.
However I've already encrypted your personal files, so you cannot access them.
Every hour I select some of them to delete permanently,
therefore I won't be able to access them, either.
Are you familiar with the concept of exponential growth? Let me help you out.
It starts out slowly then increases rapidly.
During the first 24 hour you will only lose a few files,
the second day a few hundred, the third day a few thousand, and so on,
If you turn off your computer or try to close me, when i start the next time
you will have 1000 files deleted as punishment.
Yes you will want me to start next time, since I am the only one that
is capable to decrypt your personal data for you.
Now, let's start and enjoy our little game together!"
[wallet address]
Send 0,3 bitcoins to this address to unlock your Pc with your email address.
Your can purchase bitcoins from localbitcoins'

The entirety of the Manifestus Ransomware message is a lie. The Manifestus Ransomware cannot delete or encrypt files. The message is simply lying to threaten computer users and trick them into paying large amounts of money. Although it is possible that a future implementation of the Manifestus Ransomware threat could include these features, PC security researchers do not believe that its creators have the capacity or sophistication to produce more advanced threats.

Recovering from the Manifestus Ransomware Attack

A victim of the Manifestus Ransomware will be asked for an unlock code, which should be entered into the lock screen. The Manifestus Ransomware prevents computer users from using keyboard shortcuts or accessing the Windows Command Prompt, Task Manager, Registry Editor, or other similar services that could help in the recovery. However, starting up Windows in Safe Mode will prevent the Manifestus Ransomware from loading during startup. Like its predecessors, the Manifestus Ransomware's unlock code is 'suckmydicknigga.' Entering this string (without the quotation marks) will remove the Manifestus Ransomware lock screen and cause a pop-up screen to appear. The Manifestus Ransomware pop-up screen reads: 'JUST DELETE IT TO REMOVE IT HAHA YOU HAVE BEEN FOOLED.'

To stop the Manifestus Ransomware from loading automatically, you should remove it from the startup programs. The Manifestus Ransomware files are installed in different places depending on the iteration of the attack. However, a strong security program that is fully updated will be capable of removing the Manifestus Ransomware Trojan entirely. Future infections can be prevented by being careful with unsolicited email attachments and avoiding potentially risky websites and online content.