Remove .guesswho Files Virus

Remove .guesswho Files Virus

Have your files been encrypted with the .guesswho extension? The .guesswho files virus is a new ransomware threat that is currently infecting users.

Threat Summary

Name.guesswho Files Virus
TypeRansomware, Cryptovirus
Short DescriptionThe ransomware encrypts the user’s files and drops a ransom note with instructions.
SymptomsFiles are encrypted and have the .guesswho extension appended to them.
Distribution MethodNot Known
Detection Tool See If Your System Has Been Affected by .guesswho Files Virus


Malware Removal Tool

User ExperienceJoin Our Forum to Discuss .guesswho Files Virus.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

.guesswho Files Virus – More Details

Because of the email addresses provided by the cybercriminals behind .guesswho files virus[email protected] or [email protected] – there may be a connection between this ransomware and

Remove Scarab ransomware totally. Follow the .GEFEST Scarab files virus ransomware removal instructions provided at the end of the article.
Gefest Scarab ransomware. The latter used the [email protected] email. However, we cannot confirm that the ransomware viruses are related as we need further details.

What we know so far is that the ransomware utilizes the .guesswho extension which is appended to encrypted files. A victim of the ransomware who got in touch with us shared that the ransom note says the following:

Hello, dear friend!
All your files have been ENCRYPTED
Do you really want to restore your files?
Write to our email – [email protected] or [email protected]
and tell us your unique ID – ID-94PB343W

We will update this article once we know more about the ransomware and we can provide a more detailed analysis. In the meantime, infected users can back up their encrypted files and remove the ransomware via an anti-malware program. The removal of the ransomware is recommended as it will stop the virus of spreading further, and it will also prevent encryption of more files.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share