BeethoveN Ransomware

Posted by Lisa Blanc on June 16, 2017

What is BeethoveN Ransomware?

The hackers behind BeethoveN Ransomware are suggesting the user can negotiate the amount of ransom that is supposed to be paid in exchange for the means to unlock the malware’s damaged files. However, we are here to warn you that despite their friendly tone these hackers cannot be trusted, and so we advise you not to contact them at all. Even if you manage to get a smaller price, who is to say these cyber criminals will not ask for more money once they receive the ransom. Not to mention it could appear they cannot provide the needed decryption key or they simply might not bother to send it to the user. Thus, instead of putting up with any demands, our researchers at Anti-spyware-101.com recommend erasing BeethoveN Ransomware at once. Afterward, you could gather the copies you have on removable media devices, cloud storages, or other places, and switch the encrypted files with them.testtesttest

How does BeethoveN Ransomware work?

In the beginning, the infected computer should be searched for targeted data (valuable information to the computer’s user, e.g. his photos, pictures, videos, documents, and so on). Then the malicious application should lock these files with a secure cryptosystem and mark each one of it with .BeethoveN extension. For instance, a locked desktop wallpaper named as flower.jpg would be called flower.jpg.BeethoveN after its encryption. The malware should drop a document with a list of encrypted files too, so there are two ways to check how much damage was done.

At this point, we should say that there are two versions of BeethoveN Ransomware. The first one did not drop any ransom notes or placed a text file with grammar mistakes in the title (FILEUST.txt), while the updated variant should drop a note called FILELIST.txt. There are also differences in the provided messages. The first version did not say how much the user is supposed to pay or how can he contact the hackers to ask for payment instructions. The mistake was fixed in the updated version as it now displays the cyber criminal’s email address (SK1CU3SE3FI7L@yandex.ru) and demands users to pay 400 US dollars in Bitcoins. The same message should be available not only on the ransom note but also on the malicious application’s window, which is supposed to be opened after the encryption process is over.

Just as we said at the beginning of the text, you are welcome to negotiate the price according to the cyber criminals themselves. The problem is, these people cannot be trusted; plus, there are no reassurances and no way to get your money back if they do not deliver the promised decryption key. Therefore, our advice to our readers would be not to risk with savings and remove BeethoveN Ransomware without any hesitation. If you have copies of at least most important files that got encrypted, there is nothing to worry about. As for the rest of your data, perhaps it is not so valuable, and you do not have to risk your money.

How to erase BeethoveN Ransomware?

Before encryption and after it the malicious application should create a couple of files. To remove BeethoveN Ransomware manually, users should erase this data as it is shown in the instructions located below. Note that the infection’s launcher, you most likely downloaded yourself, so we cannot say where it is on your computer. In any case, if you do recall how this file was named, there should be no trouble in finding it. Of course, we can offer another way to get rid of the malware. If the manual deletion looks too complicated, the user could download a legitimate antimalware tool and complete the task with its automatic features. Such software could be of use to you in the future as well because if you keep it up to date it might be able to guard the system even against newer malicious threats.

Eliminate BeethoveN Ransomware

  1. Press Ctrl+Alt+Delete.
  2. Access the Task Manager.
  3. Look for a questionable process related to the malware.
  4. Select this process and press the End Task button.
  5. Leave Task Manager and click Windows key+E.
  6. Search for the infection’s launcher, e.g. in the Desktop, Temporary Files, and Downloads folders.
  7. Right-click the file you suspect to be the threat’s launcher and press Delete.
  8. Go to your Desktop and find files called BeethoveN.exe and FILELIST.txt/FILEUST.txt.
  9. Right-click them separately and click Delete.
  10. Close the File Explorer.
  11. Press Window key+R, insert Regedit and choose OK.
  12. Navigate to HKEY_CURRENT_USER
  13. Look for a key called Environment; it should have a key titled as SAVETHETREES.
  14. Right-click Environment key and select Delete.
  15. Leave the Registry Editor.
  16. Empty the Recycle bin.
  17. Reboot the system. 100% FREE spyware scan and
    tested removal of BeethoveN Ransomware*
Disclaimer
Disclaimer
Trojans

Leave a Comment

Enter the numbers in the box to the right *