Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Kill Imme

Kill Imme is a relatively new malicious threat that can surprise you and encrypt your personal files only to shock you with the realization that you may never be able to access them again. As a matter of fact, our research shows that this ransomware infection could be a new variant of the infamous Xorist Ransomware. This could be good news in the sense that it is possible that you may find a working file recovery tool on the web. Unfortunately, we cannot confirm yet that this tool would work for this variant, too, but it might be worth a try if you are an advanced user. If not, we suggest that you ask a friend or a professional to help you out on this one. It could also be a way out of this malicious attack if you had a recent backup on a removable hard disk or cloud storage. In any case, we do not advise you to send the insanely high ransom fee to these criminals because there is only little chance that you would actually receive the promised decryption key and the tutorial. We recommend that you remove Kill Imme immediately if you want to be able to use your computer again.

There are two main methods that may be used to distribute this vicious program on the web. First, it is possible that you infect your system with it via a spam e-mail. This mail contains a file attachment that is the executable malicious file that will activate the moment you download it and open it. You may think that you would never do such a thing and you could spot a spam like this from a mile away. But let us beg to differ. As a matter of fact, cyber criminals are always at least one step ahead of spam filters and malware hunters. Therefore, they can still easily trick you. Such a spam can appear to be urgent and very important. Imagine getting a mail from the local authorities, your bank, or your Internet provider. Could you ignore it?

This spam can make you believe that you need to open the attached file in order to have further details regarding this allegedly urgent matter. This attachment can look like an image, a text document, and sometimes may also be a .zip archive. Since running this attachment initiates this malicious attack, when you delete Kill Imme, your files will all be encrypted already. Obviously, this calls for proper protection and prevention if you want to avoid similar future attacks. You should also be more careful every time you are about to open an e-mail because you may let such dangerous programs on board quite easily.

It is also possible that you infect your system with this ransomware by loading a malicious website that contains malicious code, such as Java and Flash. Cyber criminals use so-called Exploit Kits to infect your computer through such pages. These exploit software bugs and security holes existing in older versions. Therefore, the only easy way for you to prevent such an unfortunate infection from happening is to keep all your browsers and drivers updated. Of course, the best way is always to have a professional anti-malware program to protect your PC from all possible malware infections.

This ransomware program may use the same encryption algorithm (XOR or TEA) as its older version, Xorist Ransomware, does. This infection targets your archives, photos, documents, and other important personal files. The encrypted files each get a new extension (".imme.teras.completecrypt" or ".imme"). This malware infection also creates a ransom note text file called "HOW TO DECRYPT FILES.txt" in every affected folder. This note informs you about the attack and that you have to pay a rather high 2 Bitcoins (around 2,463 US dollars) fee if you want to ever use your files again and get the decryption key and tutorial combo from these crooks. You have 72 hours to transfer this money to the wallet address provided in this note as well as to send an e-mail to supfiles@inbox.im with your private ID you can also find in this note. As we have already mentioned, there is little chance that you will get anything for your money. Looking at this high fee, it is also possible that these criminals mainly target companies because no personal user would have this kind of money to pay for some old pictures and documents. You should also consider the fact that by paying any amount of money, you would support cyber criminals to commit further online crimes. All in all, we advise you to act now and remove Kill Imme from your computer.

In order for you to be able to eliminate this dangerous threat, you should find the malicious file that you downloaded and launched. This file could be in default download folders unless you have a specific one where you save files from the net. If you need help with deleting Kill Imme from your system, please use our guide below this article. Do not forget that the removal of this vicious program may not free up your system entirely and that your encrypted files will not be recovered from this. You either need to use a free file recovery tool for Xorist that might work in this case too or you can transfer back your clean backed up files onto your hard disk. We also recommend that you install a decent anti-malware program so that you can automatically defend your PC from any further attack.

How to remove Kill Imme from Windows

  1. Press Win+E to launch File Explorer.
  2. Check these folders for any suspicious executable files you have downloaded recently and could be related to this attack, and delete them:
    %TEMP%
    %USERPROFILE%\desktop
    %USERPROFILE%\downloads
    %APPDATA%
    %LOCALAPPDATA%
  3. If you may have saved the malicious file to any specific folder, find it, and bin it.
  4. Empty your Recycle Bin.
  5. Restart your PC.
Download Spyware Removal Tool to Remove* Kill Imme
  • Quick & tested solution for Kill Imme removal.
  • 100% Free Scan for Windows
disclaimer
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.