Troldesh Ransomware

Posted: June 3, 2015
Threat Metric
Threat Level: 10/10
Infected PCs 26

Troldesh Ransomware Description

Troldesh Ransomware Screenshot 1The Troldesh Ransomware is a file encryption Trojan that modifies the personal data of your computer as a preliminary to holding it for ransom. After its initial attacks, the Troldesh Ransomware also displays telltale ransom messages and other, readily visible symptoms, including a request to open direct, e-mail communication with its developers. However, there is a degree of inherent unreliability in purchasing decryption services from the persons responsible for the original attacks. As a result, malware experts discourage it, instead recommending using anti-malware products for deleting the Troldesh Ransomware, along with typical file backup strategies.

An Open Conversation with Ransomware Admins

The Troldesh Ransomware is a Russia-based Trojan that also includes functions intended for targeting English-speaking victims, with e-mail spam serving as its current mode of public distribution. Opening the accompanying threatening file attachments installs the Troldesh Ransomware onto the compromised PC, allowing the Troldesh Ransomware to scan your hard drive for personal files (such as pictures, audio or spreadsheets). The Troldesh Ransomware then encrypts them, rearranging the internal data of the files so that they're unreadable. The Troldesh Ransomware includes a file renaming function that could make it difficult to identify any individual files. However, malware experts have noted that all affected files can be found broadly via the use of the '=.xtbl' suffix.

After attacking your files, the Troldesh Ransomware displays a dual English-Russian warning message that redirects you to any of its multiple, instructional text files. The contents of these instructions provide the Troldesh Ransomware's most noteworthy divergence from file encryptors like the Critoni Ransomware: The Troldesh Ransomware requests that the victim make personal, e-mail-based contact with its perpetrators. Previously, malware experts have seen most communication methods using automated forms and payment methods, such as Ukash and Web pages designed for the Tor browser.

Unsurprisingly, the ensuing conversations include the same, ultimate consequences seen in other attacks. The Troldesh Ransomware's admins demand the payment of a triple digit ransom (although they can, in theory, be bargained down) in exchange for the decryption of your personal files. They also offer to decrypt one file for free, along with implementing a strict time limit for the payment.

Keeping a File Hostage Situation from Turning Lethal

Prior communications with the Troldesh Ransomware's administrators have led to fee demands of nearly 300 USD, regardless of the types of personal content being encrypted. Furthermore, there are no guarantees of any additional file encryption following after a victim's payment of this ransom, which is one reason malware experts don't recommend it. Remote file backups, such as using a 'cloud' storage server, can provide robust protection from attacks like the Troldesh Ransomware's payload, which limits its file-encrypting scans to your PC's personal hard drive.

No matter if you choose or not to do anything to recover your files, deleting the Troldesh Ransomware, like all threats, should use dedicated anti-malware tools whenever possible. While symptoms of a Troldesh Ransomware infection should be relatively straightforward to notice, prevention can save your files from unnecessary harm. Scanning e-mail attachments that you don't trust implicitly is one of the quickest ways to keep a would-be Trojan dropper from installing Trojans like the Troldesh Ransomware.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Troldesh Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware Troldesh Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.