Goofed Ransomware

What is Goofed Ransomware?

Goofed Ransomware is another malicious application based on an open source ransomware known as Hidden Tear. The malware got its name from the extension it appends to its enciphered data, for example, sky.jpg.goofed. If some of your files on the computer where marked by this extension too, we advise you to keep reading this article and learn more details about the threat. As you may already realize, the malicious application’s purpose is to take user's files as hostages, and by creating such an infection, its developers are hoping they will be able to extort money from their victims. Paying the ransom is not something we would advise you to do even if the sum does not look huge or the malware encrypts important data because there is not knowing if its developers will keep up to their promises. In other words, you could be left with nothing. Users who choose to delete Goofed Ransomware instead could follow the instructions available below the text.test

Where does Goofed Ransomware come from?

Our researchers at report they tested one of the Goofed Ransomware’s samples that pretended to be a PDF file. This way the malicious application might trick users into thinking the threat’s launcher is a harmless text document. Nevertheless, since such data would most likely be delivered via Spam emails, you should sense something is not right with it. Email attachments are probably one of the most popular ways to distribute threats like ransomware, so it is no wonder computer security specialists recommend staying away from data sent by someone you are unfamiliar with. Additionally, it would be smart to protect the system by installing a legitimate antimalware tool as it could detect the malicious application in time and eliminate or minimize the damage it could do.

How does Goofed Ransomware work?

As most of the ransomware threats, Goofed Ransomware is programmed to encipher various files belonging to the user. Our researchers say the malware is after data that has the following extensions: .txt, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .odt, .jpg, .png, .csv, .sql, .mdb, .sln, .php, .asp, .aspx, .html, .xml, .psd. However, it seems it can lock only the files located in the %USERPROFILE% directory and its subfolders. It means if the user places his personal data somewhere else, for example, on folders located not on %USERPROFILE% or other drives besides C: disk, such files should not be harmed. Therefore, some users may find it is not worth to pay the ransom or even consider doing so. The hackers’ demands can be found on YOU_DONE_GOOFED.txt that could be dropped on the user’s Desktop.

Needless to explain, paying the ransom would not be advisable in any situation because when dealing with hackers there is always a chance they might trick you. Considering, Goofed Ransomware cannot encipher all files, and it may not even lock any important data the sum it asks to pay seems a bit high, although it could seem small to you. Our researchers say there are ransomware applications that request less than 30 US dollars, so the price of 100 US dollars looks rather large to us. Naturally, it is your choice, but if you do not wish to lose even the smallest amount of your money in vain, we recommend not to put up with any demands and remove the malware at once.

How to erase Goofed Ransomware?

Goofed Ransomware is not supposed to create a lot of data on the infected computer. In fact, our researchers say besides the ransom note there should be a single file belonging to it, and it is the one you might have downloaded via email. If you need any help in removing it manually, the instructions located below will list a few folders where it could have been saved and explain how to get rid of it. The malicious application can also be eliminated with a legitimate antimalware tool too, so if you rather use it than erase the infection manually, you should not hesitate to employ it.

Delete Goofed Ransomware

  1. Tap Ctrl+Alt+Delete.
  2. Launch Task Manager and go to Processes.
  3. Search for a process related to the malicious application.
  4. Mark the suspicious process and click End Task.
  5. Close the Task Manager.
  6. Press Win+E.
  7. Navigate to these directories:
  8. Locate the suspicious file that infected the system.
  9. Right-click this malicious file and press Delete.
  10. Find the ransom note (YOU_DONE_GOOFED.txt) and erase it too.
  11. Close File Explorer.
  12. Empty your Recycle bin.
  13. Restart the computer. 100% FREE spyware scan and
    tested removal of Goofed Ransomware*

Leave a Comment

Enter the numbers in the box to the right *