What is Ransomware?

An Encryption Trojan is a so-called Ransomware Trojan that encrypts the entire PC or individual data. They are also colloquially called cryptotrojans or ransom trojans. The ransom Trojan then asks you to pay a ransom in order to decrypt the data again.

Often you will also be asked to pay the ransom within a short time window, otherwise the ransom will double or the data will remain encrypted forever. In all cases – keep calm and call in experts as quickly as possible!


By loading the video, you agree to YouTube's privacy policy.
Learn more

Load video

How do i know if my system is infected by ransomware?

  • There are a number of signs pointing to a ransomware infection:
  • You receive a message that your data is encrypted and that you have to pay a ransom.
  • The names of your files or file extensions change suddenly
  • Your desktop wallpaper has suddenly disappeared
  • Your CPU utilization is 100%, although you hardly use any applications
  • Your computer reacts very slowly to commands
  • The hard disk seems to process data without pause
  • Your virus protection is deactivated and cannot be started

These are some of the best known encryption trojans. Removing an Encryption Trojan and restoring the data is not possible for all of them, because there are big differences in the versions of the Trojans.

  • GandCrab
  • REvil
  • Locky
  • WannaCry
  • PCLock
  • Maktub
  • TeslaCrypt
  • Cerber
  • DMA Locker
  • Coverton
  • CTB Locker
  • KeRanger
  • LeChiffre
  • Shade
  • Rannoh
  • Marsjoke
  • QNPCrypt
  • Ryuk
  • FBIRansomWare
  • WanaCryptor
  • CrySiS
  • Odin
  • CryptoWall
  • TorrentLocker
  • Goldeneye Ransomware
  • Thor
  • CryptoLocker
  • Zepto
  • CoinVault
  • Wildfire
  • Chimera
  • Rakhni

Ransomware Recovery. What should I do?

Shut down your computer immediately in the normal way. Under no circumstances should you switch off the computer using the POWER button, as this can damage your data. Cryptotrojans work their way from file to file. By switching off your computer immediately, it can be that the just encrypted file is not recoverable.

You should disconnect the network plug immediately and disconnect WLAN connections immediately. This will prevent the file from spreading further over your network. Also remove all data storage devices such as external hard drives, USB sticks and disconnect connections to online cloud storage services such as Google Drive or Dropbox.

Do not try to remove the Ransomware Trojan on your own. Many variants of Ransomware have anti-virus detection. As soon as the Ransomware detects that removal measures are taking place, decryption of your data often becomes impossible.

Do not pay the required ransom. There is no guarantee that your data will be decrypted. First, check carefully which Ransomware needs to be removed.

You should leave the removal of Ransomware and the subsequent Ransomware recovery of your valuable data exclusively to experts.

BeforeCrypt can help you as a serious and sovereign partner with an infection by Ransomware and remove these. Thanks to our experience and knowledge, we are able to recover 100% of your encrypted data in most cases.

Why should i trust BeforeCrypt?

An Ransomware Attack is an unpleasant matter in which we support you professionally.

BeforeCrypt has been around since 2004 and we have been able to help hundreds of private and business customers with their Ransomware data recovery.

  • Comprehensive knowledge and experience in the field of Ransomware and data recovery
  • A personal contact person supports you in the recovery of encrypted data
  • High data protection – We take the protection of your data very seriously and treat it strictly confidential
  • Established since 2004 as an IT service provider.
  • 24/7 Emergency service – In particularly critical cases, recovery can begin immediately
  • Remove Encryption Trojan & Recover Data – We remove the Trojan and decrypt your data

Keep calm! Contact us, we can help you!

Cryptowall - Ransomware Recovery
DMA - Ransomware Recovery
Locky - Ransomware Recovery
Carber Ransomware Recovery
Maktub - Ransomware Recovery
padcrypt - Ransomware Recovery