Monday, November 17, 2014

Decode@india.com – Removal Guides for Virus-encoder Ransomware


My server was attacked and lots of files were encrypted yesterday. I sent an email to decode@india.com and they said they want a bitcoin for a decoding program. What happened? What can I do to get rid of this?

You should know more about decode@india.com


Let's look at a screenshot of the decode@india.com message first.




Decode@india.com is actually a new ransom Trojan (ransomware) which encrypts your files and asks you for 1 Bitcoin to get them back. It can arrive in various ways that you may not even notice. You may notice that this ransomware is a bit different from its fellows: it gives you an email address and asks you to write an email. As you can see from the screenshot, the cyber criminals will only respond to you when you provide them with your IP. What does it want? Probably it wants your unique ID to better attack your PC. We should stop this malicious Trojan horse before it causes serious problems.

Symptoms of being infected



  • Your PC runs as slowly as a snail and crashes from time to time.
  • It takes years to start up your PC and to open a webpage.
  • New programs or icons you haven't downloaded before appear on your screen.
  • Your doc files are renamed from xy.doc to xy.doc.id-8173471466-decode@india.com.
  • All your files are encrypted and you can't open them anymore.
  • Decode@india.com simply sends you a message, as shown in the screenshot above, to let you know.
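
The rename symptom above gives a reliable way to list what was affected. The following PowerShell script is an added example, not part of the original post: it inventories files whose names follow the xy.doc.id-8173471466-decode@india.com pattern. The scan root, the report path, and the assumption that the number after "id-" is all digits are mine.

```powershell
# Added example: inventory files renamed to <name>.id-<digits>-decode@india.com.
# $Root and $Report are assumptions; change them for the system being examined.
$Root   = 'C:\Users'
$Report = Join-Path $env:TEMP 'decode-india-files.csv'

# Assumption: the number after "id-" consists only of digits, of any length.
$Pattern = [regex]'(?i)^(?<orig>.+)\.id-(?<id>\d+)-decode@india\.com$'

$hits = Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer } |
    ForEach-Object {
        $m = $Pattern.Match($_.Name)
        if ($m.Success) {
            [pscustomobject]@{
                Path         = $_.FullName
                OriginalName = $m.Groups['orig'].Value   # name before the rename
                Id           = $m.Groups['id'].Value     # number embedded in the name
                LastWrite    = $_.LastWriteTime
                SizeBytes    = $_.Length
            }
        }
    }

if (-not $hits) {
    Write-Output "No files matching the rename pattern under $Root"
    return
}

# Full list, for the incident record and for checking what a backup must restore.
$hits | Sort-Object LastWrite | Export-Csv -Path $Report -NoTypeInformation

# Per-ID summary. First/last write times give an approximate window for the
# renaming, provided the malware did not reset the timestamps.
$hits | Group-Object Id | ForEach-Object {
    $byTime = @($_.Group | Sort-Object LastWrite)
    [pscustomobject]@{
        Id        = $_.Name
        Files     = $_.Count
        FirstSeen = $byTime[0].LastWrite
        LastSeen  = $byTime[-1].LastWrite
    }
} | Format-Table -AutoSize | Out-String

# Folders holding the most renamed files, to prioritise restores.
$hits | Group-Object { Split-Path $_.Path -Parent } |
    Sort-Object Count -Descending |
    Select-Object -First 10 Count, Name | Format-Table -AutoSize | Out-String
```

The script only reads file names and metadata; it does not modify or delete anything.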


We never advise sending one bitcoin to get back your files. If you do so, you may lose your files and money at the same time. We suggest you get rid of this ransomware first.

How to remove decode@india.com effectively?


Solution 1: Manually remove it yourself by following the guides below.
Solution 2: Automatically remove it by using SpyHunter.

Manual Ways

Step 1: Enter Safe Mode.

For a better result, enter Safe Mode first. Start up your PC and keep pressing the F8 key before Windows launches, then choose "Safe Mode with Networking". If you can't access your screen, choose Safe Mode with Command Prompt.


Step 2: End the processes of related ongoing programs.

Press Ctrl+Shift+Esc to open Task Manager and go to the Processes tab. Select all related or suspicious programs and then end them.


Step 3: Show hidden files and folders.

Click the Start menu and open Control Panel. Go to “Appearance and Themes” and open Folder Options. In the View tab, tick “Show hidden files, folders”, deselect “Hide protected operating system files (Recommended)”, and then confirm your actions.


Step 4: Delete all related or suspicious files.
Now that all the hidden files are visible, you can delete the related ones.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpUXSrv.exe


Step 5: Remove registry entries.

Click Start and find Run. Type "regedit" into the pop-up box to open the Registry Editor. Select all related or suspicious registry entries and remove them.
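
Before deleting anything in the Registry Editor, it helps to see what the two Image File Execution Options keys listed above actually contain and to keep a copy. The following PowerShell script is an added example, not part of the original post; the backup folder is an assumption, and the key names are the two given on this page.

```powershell
# Added example: review and back up the two Image File Execution Options (IFEO)
# keys named on this page before removing them in regedit.
$Ifeo      = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
$Targets   = 'MpCmdRun.exe', 'MpUXSrv.exe'        # key names from the page
$BackupDir = Join-Path $env:TEMP 'ifeo-backup'    # assumption: backup location
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

$report = foreach ($name in $Targets) {
    $psPath = "HKLM:\$Ifeo\$name"
    if (-not (Test-Path -LiteralPath $psPath)) {
        [pscustomobject]@{ Key = $name; Present = $false; Value = $null; Data = $null }
        continue
    }

    # Keep a .reg copy so a mistaken deletion can be undone by importing it.
    $file = Join-Path $BackupDir "$name.reg"
    & reg.exe export "HKLM\$Ifeo\$name" $file /y | Out-Null

    $key        = Get-Item -LiteralPath $psPath
    $valueNames = @($key.GetValueNames())
    if ($valueNames.Count -eq 0) {
        [pscustomobject]@{ Key = $name; Present = $true; Value = '(none)'; Data = $null }
    }
    foreach ($v in $valueNames) {
        # A "Debugger" value makes Windows start that command in place of the
        # named executable, so it is the value to look at first.
        [pscustomobject]@{ Key = $name; Present = $true; Value = $v; Data = $key.GetValue($v) }
    }
}

$report | Format-Table -AutoSize | Out-String
"Backups written to $BackupDir"
```

The script reads and exports the keys only; removal is still done by hand as described in Step 5.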




Automatic Ways


If you choose to remove decode@india.com automatically by using SpyHunter, that may be the most popular way of doing so: you don't have to worry about deleting the wrong files, and you save time and energy.

Step 1: Download SpyHunter, and follow the installation guides to install it properly.




Step 2: After you install SpyHunter, run it to scan your whole system.


Step 3: After the scan is over, select all the threats and click "Remove" to fix all the threats.



Options for you to optimize and speed up your PC


RegCure was built to help computer users make the most of their computers. With five functions, RegCure is welcomed by people around the world. It can fix system errors, remove malware, improve startup, defrag memory, and clean up your PC.


Step 1: Download RegCure now!





Step 2: Save the files somewhere on your PC.


Follow the installation guides to install RegCure.





Step 3: When the installation is finished, launch RegCure and make a full scan.


Step 4: Automatically optimize your PC by clicking "Fix All".



Special tips for you

1. Backups.
Do you often back up your files? A local or cloud-based backup may be very helpful. Think about it carefully. Once your files are encrypted, you can get them back this way.

You should develop a habit of backing up your files to different places on a regular schedule.

2. Use file recovery software.
Software like R-Studio or Photorec may be helpful for your lost files.

3. Avoid bad surfing habits.
Never visit questionable websites. Never click links in emails, and do not divulge your personal information online.
Be wary of attachments of an email from an unknown person.

4. Get a wonderful removal tool.
Get a reliable protector like SpyHunter to block computer threats, and keep it updated to the latest version. Software like RegCure may also help you with the remaining problems. When facing ransomware like decode@india.com, tools can be very helpful.

