The article will help you remove Enjey ransomware efficiently. Follow the ransomware removal instructions at the bottom of this article.
Enjey is a ransomware cryptovirus. Malware researchers see a relation to the RemindMe ransomware and it might be based on it, too. Your files will become encrypted and the Enjey cryptovirus will leave a ransom message with demands for payment. Keep on reading below to see how you could try to restore some of your data.
|Short Description||The ransomware encrypts files on your computer and demands payment for unlocking them.|
|Symptoms||The ransomware will encrypt your files and put the extension .enjey after it completes its encryption process.|
|Distribution Method||Spam Emails, Email Attachments|
|Detection Tool|| See If Your System Has Been Affected by Enjey |
Malware Removal Tool
|User Experience||Join Our Forum to Discuss Enjey.|
|Data Recovery Tool||Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.|
Enjey Ransomware – Infection
Enjey ransomware could spread its infection via different methods. The payload file that initiates the malicious script for this ransomware, which in turn infects your computer machine, is circling the Internet and a malware sample has been found by malware researchers. You can see the VirusTotal detections for different security programs of that sample by checking the screenshot below:
Enjey ransomware might also distribute its payload file on social media websites and networks for file-sharing. Freeware that is found on the Web could be presented as useful but at the same time could hide the malicious script for the cryptovirus. Refrain from opening files just as you have downloaded them, especially if they come from suspicious sources such as links or e-mails. Instead, you should scan them beforehand with a security tool, while also checking the size and signatures of these files for anything that seems out of the ordinary. You should read the tips for ransomware prevention topic in our forum.
Enjey Ransomware – Overview
Enjey ransomware is also a cryptovirus. Some malware researchers think that the virus is related or based on the RemindMe ransomware virus. Major similarities in the ransom note can be seen as well. Files will get encrypted with a custom-made extension, that ends in .enjey, while also containing the contact e-mail inside it.
Enjey ransomware could make entries in the Windows Registry to achieve persistence, launch and repress processes in Windows. Some entries are designed in a way that will start the virus automatically with each launch of the Windows Operating System, such as the example given right here below:
The ransom note will show up after the encryption process is complete. The note is written in English and gives details about what the ransom is, along with other instructions about what it will take to restore your files. The note is inside a file named README_DECRYPT.txt ransomware developers. You can view the ransom message that loads after file encryption down here:
That ransom note reads the following:
//============================================= [ ENJEY CRYPTER ] =============================================\
Hello, your personal identity:
All of your documents, photos, databases and other important data has been encrypted.
To get a decoder, please contact me by e-mail: [email protected]
In the message write the following: ‘ ‘ Hey, I need a decoder + your personal identifier ‘ ‘
You will receive Bitcoin wallet, which will need to pay.
If you have no Bitcoin wallet
– Create a Bitcoin wallet https://blockchain.info/wallet/#/signup~~dobj
– Buy cryptocurrency.
– Https://en.bitcoin.it/wiki/Help:FAQ (for beginners),
– Do not try to do something on their own, you can lose all your data!
– Do not rename all files are encrypted!
\>//============================================= [ ENJEY CRYPTER ] =============================================//
The note of the Enjey ransomware states that your files are encrypted and to get them back you have to pay in Bitcoin. You should NOT in any circumstance pay these cybercriminals. Your files may not get restored, and nobody could give you a guarantee for that. Furthermore, giving money to these criminals will likely motivate them to create more ransomware or do other criminal activities.
Enjey Ransomware – Encryption Process
A list with file extensions that the Enjey ransomware seeks to encrypt is not available yet. However, the article will get duly updated if such one is found. The extensions which are most likely to get encrypted are the following:
→.7z, .bmp, .doc, .docm, .docx, .html, .jpeg, .jpg, .mp3, .mp4, .pdf, .php, .ppt, .pptx, .rar, .rtf, .sql, .tiff, .txt, .xls, .xlsx, .zip
Every file that gets encrypted will receive the same extension appended to each one of them, and that is .enjey or more precisely, the [email protected] extension.
The Enjey cryptovirus is quite likely to delete the Shadow Volume Copies from the Windows operating system by utilizing the following command:
→vssadmin.exe delete shadows /all /Quiet
Read on through and check out what type of ways you can try to potentially restore some of your data.
Remove Enjey Ransomware and Restore Your Files
If your computer got infected with the Enjey ransomware virus, you should have a bit of experience in removing malware. You should get rid of this ransomware as quickly as possible before it can have the chance to spread further and infect other computers. You should remove the ransomware and follow the step-by-step instructions guide provided below.