Serpico Ransomware

What is Serpico Ransomware?

Serpico Ransomware is a malicious program that encrypts data and lets its victims know about it by playing a record in which a computer generated voice is reading the ransom note. Unfortunately, the text is not in English, so you may be unable to understand it. It says that you have to pay 50 euros to get a decryptor. Instead of giving the instructions on how to transfer the money, the infection’s developers demand users to email them. However, putting up with their demands could be a bad idea since there are no assurances that Serpico Ransomware’s will deliver the promised tool. Luckily, there is no need to make any rash decisions. Therefore, you should read more about the malware first and then if you decide to erase it, have a look at the removal instructions below.testtest

Where does Serpico Ransomware come from?

It appears to be that the malicious application might be spread through Spam emails. Unfortunately, the infected files could look like PDF, Microsoft Word, or other documents, so users can easily launch it without even realizing it. You should never open an attachment that comes from an unknown source or is classified as Spam. Before you launch it, the file should be scanned with a reliable antimalware tool.

How does Serpico Ransomware work?

As soon as the malicious file is opened, Serpico Ransomware could create a copy of itself on user’s Desktop. The rest of its data should appear under the folder named as Serpico in the %USERPROFILE% directory. Since this folder is hidden, users cannot see it until they enable the Show hidden files, folders, and drives feature.

Afterward, the malicious application should begin the encryption process for which it uses a cryptosystem called AES. Serpico Ransomware can encrypt your videos, music files, images, and other types of personal data. What is unusual about this threat is that it does not apply any extensions to the files it locks. Thus, you might realize that something is wrong with data on the computer only after trying to launch a couple of your personal files. Unless, you understand the ransom note, which is written in the Serbo-Croatian language. The note appears on Desktop wallpaper, and the user can also hear it through his speakers or headphones. That is because the malware plays a record titled as sound.wav. It is one of the five files located in the hidden folder.

According to the text, you have to contact the malware’s creators to find out how to transfer the requested 50 euros and receive the decryption tools. If you are thinking about this option, you have to realize that the money will have to be transferred first. In other words, you would have to depend on a promise made by some cyber-criminal, so there are no reassurances that the tool will be actually delivered.

How to eliminate Serpico Ransomware?

Serpico Ransomware might place some of its data in a hidden folder, so for you to be able to remove it manually, it is essential to enable Show hidden files, folders, and drives. Besides the hidden folder, there could be a few other files that users should be erased. For more detailed instructions, check the instructions below. The provided steps will list all files that you should delete and their directories too. Plus, the instructions will show you how to make hidden data visible. There is also another option that might be easier for inexperienced users. What we have in mind, is legitimate antimalware software with a scanning tool. Just install it on the infected computer, set it to scan the system, and click the removal button once it appears.

Enable Show hidden files, folders, and drives

Windows 8/10

  1. Press Windows Key+E and chose the View tab.
  2. Click Options and press Change folder and search options.
  3. Select the View tab, mark Show hidden files, folders and drives.
  4. Press OK.

Windows 7/Vista/XP

  1. Navigate to Start and open Control Panel.
  2. Select Appearance and Personalization or Appearance and Themes for Windows XP.
  3. Choose Folder Options and click the View tab.
  4. Select Show hidden files, folders and drives or Show hidden files and folders for Windows XP.
  5. Click OK.

Erase Serpico Ransomware

  1. Press Ctrl+Alt+Delete and select the Task Manager.
  2. Find a process called MotoxUnlocker.exe or Serpico.exe.
  3. Mark this process and press the End Task button.
  4. Close the Task Manager.
  5. Press Windows Key+E to open the Explorer.
  6. Locate this path %USERPROFILE%\Desktop
  7. Look for a file named as MotoxUnlock.exe, right-click it and press Delete.
  8. Navigate to this directory %USERPROFILE%
  9. Locate a folder titled as Serpico (it should contain listed files: bg.jpg, key.pkm, Serpico.exe, sound.wav, total.pkm).
  10. Right-click the folder and press Delete.
  11. Locate and erase the malicious file that infected the computer.
  12. Close the Explorer.
  13. Empty the Recycle bin.
100% FREE spyware scan and
tested removal of Serpico Ransomware*

Leave a Comment

Enter the numbers in the box to the right *