.PLEASE_CONTACT_1398456099@qq_com' Ransomware Description
Recently, malware researchers came across a new and rather peculiar ransomware threat. It is called '.PLEASE_CONTACT_1398456099@qq_com' Ransomware and does not appear to belong to any of the popular ransomware families. It is speculated that the author is a Chinese high-school student, but this has not been confirmed.
It is not uncovered with certainty what the propagation method of this file-locking Trojan is, but it is very likely that the creator has been spreading this threat via pirated software, mass spam email campaigns and faux updates. When the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware penetrates a system it initiates a scan immediately. This is done to locate all the file types, which this data-encrypting Trojan is programmed to go after. Usually, to achieve maximum damage, the files targeted are the most popular file types that any users will have on their computers such as .jpeg, .png, .gif, .ppt, .doc, .mp3, .mov, etc. After going through the encryption of the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware, the data affected will have an additional extension - '.PLEASE_CONTACT_1398456099@qq_com'. Instead of dropping a ransom note in a text file as most ransomware threats do, the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware presents the victim with a pop-up window containing the ransom message. The text is available in English, German, Chinese and Japanese. The headline reads 'Ooops, your homework has been encrypted!' The attacker claims that you will not be able to retrieve your files unless you pay them. Then, they state that the ransom fee will be increased periodically. On a somewhat ironic note, the text states (in broken English) that 'even if God comes' you will not be able to reclaim your data for free. The author of the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware also claims that all the data will be deleted permanently a week after the attack unless the victim pays up.
We recommend you not to give in to the demands of cybercriminals. A much safer approach would be to download and install a reputable anti-malware suite and utilize it in wiping the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware off your system.
Do You Suspect Your PC May Be Infected with .PLEASE_CONTACT_1398456099@qq_com' Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like .PLEASE_CONTACT_1398456099@qq_com' Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.