Enjey Ransomware – Remove It and Restore .Enjey Files
THREAT REMOVAL

Enjey Ransomware – Remove It and Restore .Enjey Files

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by Enjey and other threats.
Threats such as Enjey may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

The article will help you remove Enjey ransomware efficiently. Follow the ransomware removal instructions at the bottom of this article.

Enjey is a ransomware cryptovirus. Malware researchers see a relation to the RemindMe ransomware and it might be based on it, too. Your files will become encrypted and the Enjey cryptovirus will leave a ransom message with demands for payment. Keep on reading below to see how you could try to restore some of your data.

Threat Summary

NameEnjey
TypeRansomware
Short DescriptionThe ransomware encrypts files on your computer and demands payment for unlocking them.
SymptomsThe ransomware will encrypt your files and put the extension .enjey after it completes its encryption process.
Distribution MethodSpam Emails, Email Attachments
Detection Tool See If Your System Has Been Affected by Enjey

Download

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss Enjey.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

Enjey Ransomware – Infection

Enjey ransomware could spread its infection via different methods. The payload file that initiates the malicious script for this ransomware, which in turn infects your computer machine, is circling the Internet and a malware sample has been found by malware researchers. You can see the VirusTotal detections for different security programs of that sample by checking the screenshot below:

Enjey ransomware might also distribute its payload file on social media websites and networks for file-sharing. Freeware that is found on the Web could be presented as useful but at the same time could hide the malicious script for the cryptovirus. Refrain from opening files just as you have downloaded them, especially if they come from suspicious sources such as links or e-mails. Instead, you should scan them beforehand with a security tool, while also checking the size and signatures of these files for anything that seems out of the ordinary. You should read the tips for ransomware prevention topic in our forum.

Enjey Ransomware – Overview

Enjey ransomware is also a cryptovirus. Some malware researchers think that the virus is related or based on the RemindMe ransomware virus. Major similarities in the ransom note can be seen as well. Files will get encrypted with a custom-made extension, that ends in .enjey, while also containing the contact e-mail inside it.

Enjey ransomware could make entries in the Windows Registry to achieve persistence, launch and repress processes in Windows. Some entries are designed in a way that will start the virus automatically with each launch of the Windows Operating System, such as the example given right here below:

→“HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run”

The ransom note will show up after the encryption process is complete. The note is written in English and gives details about what the ransom is, along with other instructions about what it will take to restore your files. The note is inside a file named README_DECRYPT.txt ransomware developers. You can view the ransom message that loads after file encryption down here:

That ransom note reads the following:

//============================================= [ ENJEY CRYPTER ] =============================================\
Hello, your personal identity:
All of your documents, photos, databases and other important data has been encrypted.
To get a decoder, please contact me by e-mail: [email protected]
In the message write the following: ‘ ‘ Hey, I need a decoder + your personal identifier ‘ ‘
You will receive Bitcoin wallet, which will need to pay.

If you have no Bitcoin wallet
– Create a Bitcoin wallet https://blockchain.info/wallet/#/signup~~dobj
– Buy cryptocurrency.
– Https://en.bitcoin.it/wiki/Help:FAQ (for beginners),
Attention!
– Do not try to do something on their own, you can lose all your data!
– Do not rename all files are encrypted!
\>//============================================= [ ENJEY CRYPTER ] =============================================//

The note of the Enjey ransomware states that your files are encrypted and to get them back you have to pay in Bitcoin. You should NOT in any circumstance pay these cybercriminals. Your files may not get restored, and nobody could give you a guarantee for that. Furthermore, giving money to these criminals will likely motivate them to create more ransomware or do other criminal activities.

Enjey Ransomware – Encryption Process

A list with file extensions that the Enjey ransomware seeks to encrypt is not available yet. However, the article will get duly updated if such one is found. The extensions which are most likely to get encrypted are the following:

→.7z, .bmp, .doc, .docm, .docx, .html, .jpeg, .jpg, .mp3, .mp4, .pdf, .php, .ppt, .pptx, .rar, .rtf, .sql, .tiff, .txt, .xls, .xlsx, .zip

Every file that gets encrypted will receive the same extension appended to each one of them, and that is .enjey or more precisely, the [email protected] extension.

The Enjey cryptovirus is quite likely to delete the Shadow Volume Copies from the Windows operating system by utilizing the following command:

→vssadmin.exe delete shadows /all /Quiet

Read on through and check out what type of ways you can try to potentially restore some of your data.

Remove Enjey Ransomware and Restore Your Files

If your computer got infected with the Enjey ransomware virus, you should have a bit of experience in removing malware. You should get rid of this ransomware as quickly as possible before it can have the chance to spread further and infect other computers. You should remove the ransomware and follow the step-by-step instructions guide provided below.

Note! Your computer system may be affected by Enjey and other threats.
Scan Your PC with SpyHunter
SpyHunter is a powerful malware removal tool designed to help users with in-depth system security analysis, detection and removal of threats such as Enjey.
Keep in mind, that SpyHunter’s scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware removal tool to remove the malware threats. Read our SpyHunter 5 review. Click on the corresponding links to check SpyHunter’s EULA, Privacy Policy and Threat Assessment Criteria.

To remove Enjey follow these steps:

1. Boot Your PC In Safe Mode to isolate and remove Enjey files and objects
2. Find files created by Enjey on your PC

Use SpyHunter to scan for malware and unwanted programs

3. Scan for malware and unwanted programs with SpyHunter Anti-Malware Tool
4. Try to Restore files encrypted by Enjey

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...