Remove Prandel Virus Ransomware (+.Prandel File Recovery)

Versato Virus

An attack from a Ransomware virus on your computer would probably not result in any actual damage to the system or to your online virtual security, but it could definitely lead to severe data loss, especially if you have some important files in your computer that haven’t been backed up properly. Here, we will go over the most important traits of this type of nasty infections, focusing our attention on one particular piece of Ransomware malware named Prandel. The reason Prandel will be the central topic of this post is because it is one of the latest representatives of the Ransomware cryptovirus family. Many are the users who have had the misfortune or finding out that all of their data has gotten encrypted by this insidious and sneaky piece of malware. Many of the people reading this are likely among those unfortunate users. Hopefully, by the end of this article, those of you who have had their data sealed by this cryptovirus’ encryption will be able to make an informed and rational decision about how to approach this unpleasant situation in order to deal with it in an optimal way, with as few negative consequences as possible.

The .Prandel virus ransom demands

.Prandel Virus
After the ransomware is done encrypting your files, it will leave a _readme.txt file with instructions.

Of course, the goal of the hackers behind a threat like Prandel, Kovasoh,Cosakos, is none other than making money via blackmailing their victims. Since the only surefire method of opening your encrypted files again is through the use of an access key that corresponds to the specific encryption code placed on your data by the Ransomware, the criminals behind the virus use this to harass and blackmail their victims. They offer you the said key in exchange for a money payment that must be made in some cryptocurrency (usually, in BitCoin). Supposedly, the blackmailers would send you the key the moment they receive your money. Needless to say, you can’t really trust the words of hackers like these. Sending them your money may or may not result in the liberation of your files. The only certain thing if you choose to pay the ransom is that the money you send to the online criminals would be gone for good, and there would be no way of refunding it even if you don’t get to unlock your files afterwards.

.Prandel file recovery – alternative options

.Prandel File
The ransomware will encrypt your files and add .Prandel extension to them.

The biggest problem with Ransomware is that there aren’t really any universal and always-working file-restoration options – as we already pointed out, not even paying the ransom could guarantee that you will get your files back. Still, this doesn’t mean there’s nothing you can try to bring back your data. However, if you are going for some of the alternative methods of data restoration (or even if you aren’t), you will need to first remove the infection. The good news is that, with the aid of the guide we’ve posted below and the advanced removal tool that you will find linked there, you should be able to eliminate the nasty piece of malware. After that, you are advised to visit the second section of the removal guide, where you will learn about several different techniques you can use in order to get some of your data back.

Prandel SUMMARY:

Name Prandel
Type Ransomware
Danger Level  High (Prandel Ransomware encrypts all types of files)
Symptoms Prandel Ransomware is hard to detect and aside from increased use of RAM and CPU, there would barely be any other visible red flags.
Distribution Method  Most of the time, Trojans get distributed through spam e-mails and social network messages, malicious ads, shady and pirated downloads, questionable torrents and other similar methods.


Remove Prandel Ransomware 

1: Preparations

Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.

2: Task Manager

Press Ctrl + Shift + Esc to enter the Task Manager. Go to the Tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on you PC.

If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.

Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.

3: IP related to Prandel

Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.

Find where it says Localhost and take a look below that. 

hosts_opt (1)

If you see any IP addresses there (below Localhost) send them to us here, in the comments since they might be coming from the Prandel.


4: Disable Startup programs

Re-open the Start Menu and type msconfig.

Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10,  it will send you to the Startup part of the task manager instead, as in the picture:

If you see any sketchy/shady looking entries in the list with an unknown manufacturer or a manufacturer name that looks suspicious as there could be a link between them and Prandel , disable those programs and select OK.

5: Registry Editor

Press Windows key + R and in the resulting window type regedit.

Now, press Ctrl + F and type the name of the virus.

Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.

6: Deleting potentially malicious data – Prandel

Type each of the following locations in the Windows search box and hit enter to open the locations:






Delete everything you see in Temp linked to Prandel RansomwareAbout the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.

7: Prandel Decryption

The previous steps were all aimed at removing the Prandel Ransomware from your PC. However, in order to regain access to your files, you will also need to decrypt them or restore them. For that, we have a separate article with detailed instructions on what you have to do in order to unlock your data. Here is a link to that guide.

Daniel Sadakov has a degree in Information Technology and specializes in web and mobile cyber security. He harbors a strong detestation for anything and everything malicious and has committed his resources and time to battling all manners of web and mobile threats. He has founded, a website dedicated to covering the top tech stories and providing useful tips for the everyday user, in an effort to reach and help more people.

Leave a Reply

Your email address will not be published. Required fields are marked *