Decrypt Files Encrypted by Merry Christmas Ransomware - How to, Technology and PC Security Forum |

Decrypt Files Encrypted by Merry Christmas Ransomware


with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by Merry Christmas Ransomware and other threats.
Threats such as Merry Christmas Ransomware may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

This article aims to help you decrypt files encrypted by the Merry Christmas virus with the following file extensions: .PEGS1, .MRCR1, .RARE1 or .RMCM1.

Merry Christmas ransomware hit us around 3rd of December last year and ever since then, the virus has been infecting unsuspecting users via spam e-mails. What this particular ransomware does is it takes advantage of unexperienced users and applies encryption on their computers to extort them for their files. The victims of both versions of the virus were asked to pay a hefty sum to get their files back. However, those who did not pay can now successfully restore their files for free, using the below-stated decryption and removal instructions.

Disclaimer! Make sure to backup your files in multiple copies before beginning this procedure because if the decryption is unsuccessful, they may be damaged.

Merry Christmas Ransomware – Removal

First, before begging to decrypt your files, it is very important to try and remove the virus. One method to do it is if you follow the manual decryption instructions below. However, bear in mind that experts strongly advise using and advanced anti-malware software to remove everything associated with Merry Christmas permanently.

Note! Your computer system may be affected by Merry Christmas Ransomware and other threats.
Scan Your PC with SpyHunter
SpyHunter is a powerful malware removal tool designed to help users with in-depth system security analysis, detection and removal of threats such as Merry Christmas Ransomware.
Keep in mind, that SpyHunter’s scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware removal tool to remove the malware threats. Read our SpyHunter 5 review. Click on the corresponding links to check SpyHunter’s EULA, Privacy Policy and Threat Assessment Criteria.

To remove Merry Christmas Ransomware follow these steps:

1. Boot Your PC In Safe Mode to isolate and remove Merry Christmas Ransomware files and objects
2. Find files created by Merry Christmas Ransomware on your PC

Before starting the Automatic Removal below, please boot back into Normal mode, in case you are currently in Safe Mode.
This will enable you to install and use SpyHunter 5 successfully.

Use SpyHunter to scan for malware and unwanted programs

3. Scan for malware and unwanted programs with SpyHunter Anti-Malware Tool
4. Try to Restore files encrypted by Merry Christmas Ransomware

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website


  1. Mike Stanley

    What do we do if I have no original files left? I have no unencrypted original files that are the same as the encrypted ones to drag onto the decryptor.

    1. Vencislav Krustev

      Hey Mike, please try to find original Windows files from the same version of Windows on another PC. They are usually the same for everyone. The wallpapers are the easiest to find.


      1. Vencislav Krustev

        You can also check the red box in the article above : )

  2. Teodor Chirileanu

    What if the virus was so smart that it only encrypted just a couple of my documents, while leaving the others untouched? For example none of my photos are encrypted. How can I still get my files back? (I really need them)


Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share