.actin Files Virus (Phobos) – WHAT IS IT + Remove It
THREAT REMOVAL

.actin Files Virus (Phobos) – WHAT IS IT + Remove It

What are .actin files? What is the .actin files virus? How to remove Phobos ransomware and try to restore .actin encrypted files?

A new variant of Phobos ransomware has been recently detected, using the .actin file extension. Phobos ransomware is very similar to Dharma ransom variants. It’s main goal is to encrypt the files on your computer adding the .actin extension in the process and making them unopenable, until you pay the criminals a ransom fee. The virus also ads a ransom note similar to the older Dharma ransomware variants, containing the ransom instructions. If your computer was recently infected by the Phobos variant of Dharma ransomware, then we recommend that you read this article thoroughly.

Threat Summary

Name.actin Files Virus
TypeRansomware, Cryptovirus
Short DescriptionA variant of Phobos ransomware. Encrypts files and denies access to them until the victim pays ransom.
SymptomsFiles are encrypted and have the .actin extension.
Distribution MethodSpam Emails, Email Attachments, Executable files
Detection Tool See If Your System Has Been Affected by .actin Files Virus

Download

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss .actin Files Virus.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

.actin Files Virus – How Did I Get It and What Does It Do?

Usually, ransomware viruses, like the .actin one use one very cunning method to spread – by sending e-mails that contain virus e-mail attachments. These attachments have the primary goal of getting victims to open them In order to get infected. To reach it’s end goal, the attachment in question may seem like it is an important invoice, receipt or a document of utmost urgency to be opened.

Either way, once a victim becomes compromised, the .actin virus may begin to change the file extensions of the following file types:

  • Documents.
  • Pictures.
  • Videos.
  • Images.
  • Audio files.
  • Archives.
  • Files, used by installed programs.

Once the files are encrypted, they are appended the .actin file extension along which is also a unique victim id and the e-mail of the crooks. The files start to look like the following:

In addition to the files, the Phobos virus adds the old Dharma ransom note:

In addition to this, Phobos ransomware also performs the following malicious acitivites on the computers, compromised by it.

  • Creates mutexes.
  • May add registry values in the following registry sub-keys.
  • May check if it is running on a virtual or a real environment.

Remove .actin Ransomware and Try to Restore Files

To remove .actin ransomware, it is strongly reccomended to follow the removal instructions underneath this article. They have been created with the main idea to help you remove this virus either manually or automatically. If the first two manual removal steps do not seem to work, then we recommend that you remove .actin automatically with the aid of an advanced anti-malware software. Such tool will scan your computer and remove any viruses currently present on it.

If you want to try and restore .actin files, you should first back them up on a USB stick or some other external drive and then try the alternative file recovery methods below. They might work for some of your files, but not every file.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...