The goal of a Ransomware cryptovirus like Londec is to make your data inaccessible to you, so that the hackers behind the infection can force you to make a ransom payment to them by telling you this is the only way you can recover your files. This is a commonly employed money extortion scheme and each day thousands of users face the unpleasant consequences of the Ransomware attacks. Londec is nothing but the latest representative of this malicious software family. Our goal here is to inform you about this characteristics and about the things you can do in order to deal with this threat in the best way possible. However, it must be noted that full recovery of all of your data may not always be an option. Keep in mind that Ransomware uses an advanced file-encryption method as a means of making the files in your computer inaccessible – this file encryption can only be fully removed with the help of the corresponding decryption key. However, this key is held by the hackers who have created the malware. It is this key that you are supposed to pay a ransom for. We must tell you, however, that the ransom payment isn’t really a course of action we’d advise you to take – you may simply lose your money and still not manage to bring your data back.
Fighting the Londec virus
The first thing we advise our readers to do if they face an encryption virus like Londec is to remove the malware. Otherwise, you may not be able to create new files in your machine without them getting locked by the malware. Also, if you connect some external device to your computer, the files in it may get locked up as well, making the matters even worse. This is why it is so important to get rid of the threat before trying to recover your data. The guide below will help you with the quick and effective elimination of the Londec Ransomware – just follow the steps, or use the recommended anti-malware tool for automatic removal of the infection.
What about the .Londec file encryption?
The issue with most Ransomware encryption-viruses like Londec, Masok, Prandel is that their encryption won’t go away even if the malware gets removed. To restore your files, you will need to try some of the suggested alternative restoration methods available in the second part of our guide. However, unfortunately, we can’t guarantee the success of those methods. They may or may not work and it all depends on the specific case of Ransomware infection. The good news is that those methods won’t cost you anything an you won’t have to pay a ransom in order to try them. One thing you may have forgotten due to panic and stress is checking your other devices for some safe and accessible copies of your files. If you find any such copies, simply copy them back onto your computer after you remove the virus.
|Danger Level||High (Londec Ransomware encrypts all types of files)|
|Symptoms||Londec Ransomware is hard to detect and aside from increased use of RAM and CPU, there would barely be any other visible red flags.|
|Distribution Method||Most of the time, Trojans get distributed through spam e-mails and social network messages, malicious ads, shady and pirated downloads, questionable torrents and other similar methods.|
Londec Ransomware Removal
Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.
2: Task Manager
Press Ctrl + Shift + Esc to enter the Task Manager. Go to the Tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on you PC.
If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.
Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.
3: IP related to Londec
Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.
Find where it says Localhost and take a look below that.
If you see any IP addresses there (below Localhost) send them to us here, in the comments since they might be coming from the Londec.
4: Disable Startup programs
Re-open the Start Menu and type msconfig.
Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10, it will send you to the Startup part of the task manager instead, as in the picture:
If you see any sketchy/shady looking entries in the list with an unknown manufacturer or a manufacturer name that looks suspicious as there could be a link between them and Londec , disable those programs and select OK.
5: Registry Editor
Press Windows key + R and in the resulting window type regedit.
Now, press Ctrl + F and type the name of the virus.
Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.
6: Deleting potentially malicious data – Londec
Type each of the following locations in the Windows search box and hit enter to open the locations:
Delete everything you see in Temp linked to Londec Ransomware. About the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.
7: Londec Decryption
The previous steps were all aimed at removing the Londec Ransomware from your PC. However, in order to regain access to your files, you will also need to decrypt them or restore them. For that, we have a separate article with detailed instructions on what you have to do in order to unlock your data. Here is a link to that guide.