Faizal Ransomware

What is Faizal Ransomware?

If you are not allowed to open a bunch of files, including media files, images, and documents, and they have .gembok at the end, it means that Faizal Ransomware has successfully entered the system. Since it is known to be a crypto-threat, it starts encrypting users’ files right after showing up on their computers. Of course, it scans the computer with the intention of finding those files users consider the most valuable first. Faizal Ransomware is based on Hidden-Tear, an open-source ransomware which was developed for educational purposes, so it should also use the AES (Advanced Encryption Standard) to lock users’ personal data. It is not a simple encryption key, so it is, in most cases, impossible to crack it. Cyber criminals develop ransomware infections using such a strong encryption algorithm not without reason. Their only purpose is to obtain money from users, and they know that the only way to extract money from them is to encrypt important files. Faizal Ransomware demands a ransom after encrypting users’ files too, but you should not make a payment. It is not advisable to transfer the required money, even if it might result in the permanent loss of personal data, because bad people behind Faizal Ransomware might take your money and not send you anything in return. On top of that, by sending cyber criminals what they want, users support the work of the malware development department.

What does Faizal Ransomware do?

Faizal Ransomware is a file-encrypting threat, so it starts working immediately, and, consequently, users find their files encrypted right after its entrance. It might encrypt any file stored on the computer, but it becomes immediately clear which files have been affected by it because those locked ones receive a new extension .gembok. It is appended at the end of the file next to the original filename extension, for example, picture.jpg.gembok. When all files receive a new extension and can no longer be opened by a user, this crypto-threat drops a ransom note PENTING !!!.Htm on Desktop. This ransom note is purely in Indonesian, and there is no English version, so researchers at anti-spyware-101.com have arrived at a conclusion that this ransomware infection targets Indonesian-speaking users primarily. Of course, it does not mean that users who have no command of Indonesian cannot encounter it. Are you reading this article because Faizal Ransomware has already sneaked onto your computer and made files impossible to access? If the answer is yes and you are looking for a solution to the problem here, you need to know first that paying a ransom of 100.000 Rp is not recommended because there are no guarantees that you will get the key to unlock your files. In the opinion of researchers, users should first try to recover files from a backup or use free data-recovery tools. If this does not work, there are only two things left for them. They can either leave those files encrypted and expect specialists to develop a free decryptor soon or risk paying money to cyber criminals behind Faizal Ransomware. You should already know the opinion of our specialists – they are against sending money to malware developers.

Where does Faizal Ransomware come from?

Specialists who have tested Faizal Ransomware are sure that this malicious application enters computers illegally. According to them, this infection might be distributed via malicious attachments in spam emails. Users do not know that a ransomware infection is attached to an email until they open that attachment. Researchers say that cyber criminals might employ other methods to promote this infection too. For example, it might be promoted as a good piece of software/tool/file on dubious third-party pages. Do not download software from dubious pages ever again, and make sure there is a security tool enabled on your computer if your PC is connected to the Internet. If you do as we say, malicious software will not show up on your computer ever again.

How to delete Faizal Ransomware

Faizal Ransomware is not that kind of threat which makes modifications in the system registry or creates files on the affected computer, so all you need to do to erase it is to delete suspicious recently downloaded files. If you cannot remember downloading anything recently, scan your computer with an automatic scanner. Your files will not be automatically unlocked, but you will be sure that Faizal Ransomware will not launch again in the future after its removal.

Remove Faizal Ransomware manually

  1. Press Win+E to open the Windows Explorer.
  2. Go to %USERPROFILE%\Downloads and %USERPROFILE%\Desktop (enter the directory in the URL bar and press Enter to open it).
  3. Delete suspicious files.
  4. Empty the Recycle bin. 100% FREE spyware scan and
    tested removal of Faizal Ransomware*

Leave a Comment

Enter the numbers in the box to the right *