Hey you,

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:

Remove Decryptallfiles@india.com Ransomware and Restore Encrypted Files

data-encryption-stforumA ransomware virus using the .decryptallfiles@india.com file extension has appeared recently. The virus is widely believed to be a part of the ransomware viruses which are part of the CrySiS ransomware family. Not only this but this malware is also the reason for many users reporting that their files were no longer able to be opened and upon contacting the e-mail, to be asked for payoff to restore their files. We strongly urge you not to conduct any payoffs related to Decryptallfiles@india.com ransomware and to attempt and use the information in this article to remove the ransomware successfully from your computer and to restore your files.

Threat Summary



Type Ransomware
Short Description The malware encrypts users files using a strong encryption algorithm, making direct decryption possible only via a unique decryption key available to the cyber-criminals.
Symptoms The user may witness the files encrypted with the ransomware e-mail address as correspondence.
Distribution Method Via an Exploit kit, Dll file attack, malicious JavaScript or a drive-by download of the malware itself in an obfuscated manner.
Detection Tool See If Your System Has Been Affected by Decryptallfiles@india.com


Malware Removal Tool

User Experience Join our forum to Discuss Decryptallfiles@india.com.
Data Recovery Tool Data Recovery Pro by ParetoLogic Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

Decryptallfiles@india.com – How Does It Infect

In order to attack as high as possible amount of users, the ransomware, identifying itself with the e-mail Decryptallfiles@india.com may use e-mails related to persuasive topics that aim to convince users that their bank accounts are being suspended or have other issues.

The primary target of cyber-crooks is to get users to focus on clicking either a malicious web link or an e-mail attachment which only seems to be consisting of:

  • Microsoft Office type of documents.
  • Adobe Reader files.
  • Photos or archives.

Not only this, but as soon as several users click on such web links and e-mail attachments, the payload of the ransomware might be downloaded from the command and control servers belonging to the cyber-criminals onto the computer of the user.

Decryptallfiles@india.com – More Information about The Virus

After the virus has infected the user, decryptallfiles@india.com may drop the payload in several different folders, among which are the:

  • %User’s Profile%
  • %System32%
  • %Temp%
  • %AppData%

Similar to systemdown@india.com ransomware, the virus may have files like the decryption instructions in a text and .jpg file formats dropped on the %Startup% folder so that these files run every time Windows has started.

In addition to this, the malware might also delete several different types of files which are primarily related to the shadow copies and backups of windows. This is achievable by executing the vssadmin command for shadow copy deletion:

→ vssadmin delete shadows /all /quiet

Not only this, but when the Decryptallfiles@india.com virus begins to encrypt user files, it is pre-programmed to look for a different set of file extensions amongst which are:

  • Video types of files.
  • Image data.
  • Audio files.
  • Database type of files.
  • Microsoft Office and Adobe documents.

After having encrypted all the files on the compromised computer, the virus appends it’s e-mail address as a file extension for the encrypted files, making them appear like the following:


Remove Decryptallfiles@india.com Ransomware and Restore Encrypted Files

Experts strongly advise against contacting the cyber-criminals who have encrypted your files for several obvious reasons:

  • You are helping cyber-crooks infect more users and generate profit.
  • There is no guarantee the files will be decrypted.

To remove this ransomware virus completely from your computer, you may follow the removal instructions after this article. However, experts strongly advise that you focus on removing the ransomware automatically with an advanced anti-ransomware tool and try the alternative file restoration methods below until a free decryptor is released after which we will update this article with a download URL.

Manually delete Decryptallfiles@india.com from your computer

Note! Substantial notification about the Decryptallfiles@india.com threat: Manual removal of Decryptallfiles@india.com requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.

1. Boot Your PC In Safe Mode to isolate and remove Decryptallfiles@india.com files and objects
2.Find malicious files created by Decryptallfiles@india.com on your PC

Automatically remove Decryptallfiles@india.com by downloading an advanced anti-malware program

1. Remove Decryptallfiles@india.com with SpyHunter Anti-Malware Tool and back up your data
2. Restore files encrypted by Decryptallfiles@india.com
Optional: Using Alternative Anti-Malware Tools

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.