Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Suspended Ransomware

If you make the mistake of letting in Suspended Ransomware, your files are bound to be encrypted. When that happens, you should find the “.SUSPENDED” extension added to the names. Unfortunately, this threat does not enter the operating system in an obvious manner, and those who let it in do so unknowingly. Many remain oblivious as to how this malware got in even after it reveals itself. Our research team has not yet found out how this malware spreads, but you need to be cautious about spam emails, malware bundles, and malware-downloading Trojans. Yes, it is possible that other threats exist on your operating system, which is why you cannot get back to your usual activities as soon as you remove Suspended Ransomware. Once you eliminate this malware, you need to scan your operating system, and if any other threats are found, you need to delete them as well. The bad news is that the recovery of files might be impossible. Of course, even if you cannot restore your personal files, you still need to clean your operating system.

According to our research, Suspended Ransomware is a new variant of the STOP Ransomware. This infection is just as mysterious as the new version. The creator of the infection was using AES and RSA encryption keys to lock up data and the decryption key. Once the files were encrypted, the infection would demand a ransom of $600. This is the exact sum of the ransom that the creator of the malicious Suspended Ransomware asks as well. The demands are made using the “!!!RestoreProcess!!!.txt” file, which is likely to be created on the Desktop, and copies are likely to be placed in the folders containing the corrupted files. The message represented via this file suggests that the files are encrypted using the RSA-1024 key, and that the only way to obtain a decryption key is by sending the TXT file to cyber criminals at suspendedfiles@bitmessage.ch (or suspendedfiles@india.com). The message also informs that the ransom must be paid within 72 hours. Should you pay it? Our research team does not recommend it. Why? Because cyber criminals can say and promise anything to get your money. Most likely, you would not get a decryption key after you paid the huge ransom.

What can save you in a situation where Suspended Ransomware invades the operating system and makes ridiculous ransom payment demands? The only thing that can save you is the backups of your personal files. Hopefully, you use online storage or an external drive to keep your files safe. Even if you do not face a file-encrypting ransomware ever again, you want to keep data backed up because there are thousands of malicious infections that could affect it. Also, there is always a possibility that your computer could be damaged or lost. In any case, you want to back up files to keep them protected. Hopefully, you have that taken care of, and when you delete Suspended Ransomware, you will be able to recover data. If you are not sure whether or not you have backups of the files that were corrupted by the infection, do not check them using your infected computer. The last thing you want is to have your backups compromised by malware as well.

You want to delete Suspended Ransomware as quickly as possible, and before you do that, you do not want to create any new files or check the backups. Without the backups, it is unlikely that you will be able to recover the files. When it comes to the removal, you need to choose how you will erase this malicious threat. Are you leaning more towards manual removal? If you are, you might choose to follow the instructions below, but do not forget to scan your system afterward. You want to make sure you are not leaving any threats behind because that would continue creating security issues. The best solution in this situation, of course, is to install anti-malware software because it is set to automatically remove Suspended Ransomware along with all other threats. Moreover, it is designed to protect you against malware in the future, and that is your main line of defense.

Suspended Ransomware Removal

  1. Find and Delete the malicious .exe file that launched the ransomware. If you cannot find it yourself, utilize a trusted malware scanner to find it for you.
  2. Delete all copies of the ransom note file, !!!RestoreProcess!!!.txt.
  3. Empty Recycle Bin to get rid of the malicious components completely.
  4. Run a full system scan one more time to check if your operating system is clean.
Download Spyware Removal Tool to Remove* Suspended Ransomware
  • Quick & tested solution for Suspended Ransomware removal.
  • 100% Free Scan for Windows
disclaimer
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.