.acc File Virus – Remove and Recover Files - How to, Technology and PC Security Forum | SensorsTechForum.com

.acc File Virus – Remove and Recover Files

This article aims to help you remove the .acc file extension ransomware virus from your computer completely and show you how to successfully restore encrypted files.

A ransomware virus, carrying the “Learn how to recover your files.txt” ransom note has been reported to cause numerous issues for victims. The malware encrypts the files on the compromised computers, after which adds the .acc file extension at their end, making them no longer openable. If you have become a victim of the .acc file virus, we recommend that you read this material carefully.

Threat Summary

Name.acc ransomware
TypeRansomware, Cryptovirus
Short DescriptionEncrypts the files and demands ransom in BitCoin.
SymptomsFiles encrypted with the .acc file extension. A ransom note, named Learn how to recover your files.txt dropped on the computer, affected by it.
Distribution MethodSpam Emails, Email Attachments, Executable files
Detection Tool See If Your System Has Been Affected by .acc ransomware


Malware Removal Tool

User ExperienceJoin Our Forum to Discuss .acc ransomware.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

.acc File Virus Distribution

Judging by the methods via which this virus infects, it’s distribution is most likely conducted via malicious spam e-mails otherwise known as malspam. Such messages are of particular interest because they aim to trick the victim into opening them which results in a successful infection. Victims are often deceived into opening various different types of e-mail attachments pretending to be legitimate invoices, documents and other types of files. The messages used to convince them usually do a very good job a hiding their devious character, for example:

Other methods by which one could become a victim of this virus is if it’s malicious files are uploaded online as files that only pretend to be legitimate setups, updates, key generators, cracks or executables of programs.

More Information on .acc File Ransomware

The .acc file ransomware is a virus that does not fool around and as soon as it Is connected to the victim’s computer, the malware immediately begins to download it’s payload from a malicious server belonging to the cyber-criminals. From there the files may be located in one of the following Windows folders under different file names:

After the malicious files are dropped on the infected computer, the .acc ransomware infection will execute several malicious activities before it actually gets down to the direct file encryption. One of those may be to delete any file recovery possibilities and shadow volume copies (backed up files by Windows). This is done by executing the following Windows commands which interact with the vssaddmin and bcedit Windows services without you noticing it:

→ process call create “cmd.exe /c vssadmin.exe delete shadows /all /quiet & bcdedit.exe /set {default} recoveryenabled no & bcdedit.exe /set {default} bootstatuspolicy ignoreallfailures”

In addition to this, the .acc file virus may also interfere with the Windows Registry Editor, modifying the Run and RunOnce registry sub-keys. The .acc file virus also drops It’s ransom note on the compromised computer, named Learn how to recover your files.txt. It has the following message:

“It looks like your files have been encrypted.
If you are interested in your recovery, please contact us by email: contatoaac@vpn.tg
Send your code to: {unique ID code}
Your request will be answered as soon as possible, and if necessary to guarantee recovery.”

.acc File Ransomware – Encryption Process

To encrypt the files on the compromised computer systems, the .acc ransomware may attack all often used files, besides ones located in:

→ %Windows%

After doing so, the ransomware infection sets .acc as file extension to all the encrypted documents, videos, images, audio files, archives and other files types by it. The files no longer appear the same:

Remove .acc File Virus and Restore Your Files

For the removal process of .acc file ransomware, we recommend that you focus on backing up the encrypted files beforehand. After this, we also recommend that you follow the removal instructions below, that are separated on manual and automatic. Manual removal may work for you, but if you want to be confident in the full removal of the .acc ransomware, we strongly advise you to perform an automatic removal.

If you are interested In restoring files encrypted by this ransomware, we have suggested several alternative file recovery options in step “2. Restore files encrypted by .acc ransomware” below.


Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share