What is AG88G Ransomware
Today’s subject is about AG88G crypto-virus encrypting user data using the AES algorithm. The virus is produced by the people who made Matrix ransomware family. Like analogs, it encrypts office documents, photos, archives, audio, and more and then turns their extensions to .ag88g. As it becomes already clear, files cease to be usable. Also, it is worth noting that the cryptovirus deletes backup copies of files and system restore points in order to reduce the likelihood of self-decryption or recovery of files to zero. Below we present the image and content of the note Readme_AG88G.rtf that the virus leaves:
SHIT HАPPENS!
WE HАVE TО INFОRM YОU THАT АLL YОUR FILES WERE ENCRYPTED!
PLEАSE BE SURE, YОUR FILES АRE NОT BRОKEN!
Yоur filеs wеrе еnсrуptеd with strоng сrуptо аlgоrithms.
* Plеаsе nоtе thаt thеrе is nо wау tо dесrуpt уоur filеs withоut uniquе dесrуptiоn kеу аnd spесiаl sоftwаrе. Yоur uniquе dесrуptiоn kеу is sесurеlу stоrеd оn оur sеrvеr.
* Tо dесrуpt уоur dаtа уоu nееd оur spесifiс аutоmаtiс dесrуptiоn tооl аnd уоur uniquе dесrуptiоn kеу.
* Аll уоur filеs wеrе rеnаmеd but аftеr dесrуptiоn prосеss filеnаmеs will bе rесоvеrеd tо оriginаl stаtе. Dаtа struсturе will nоt сhаngе.
* Plеаsе bе surе thаt аll thе аttеmpts tо rесоvеr уоur filеs bу уоursеlf оr using third pаrtу tооls саn rеsult in irrеvосаblе lоss оf уоur dаtа!
WHАT DО YОU NEED TО DО?
First оf аll уоu hаvе tо writе us bу е-mаil:
Оur first е-mаil: SantaGman@criptext.com
Оur sесоnd е-mаil: SantaGman22@protonmail.com
Оur third е-mаil: SantaGman22@tutanota.com
АTTENTIОN!
If уоu wаnt tо rесоvеr уоur dаtа plеаsе writе us tо аll оur е-mаil аdrеssеs!
It is rеаllу impоrtаnt bесаusе оf dеlivеrу prоblеms with sоmе mаil sеrviсеs!
Plеаsе bе surе wе аrе аlwауs in tоuсh аnd rеаdу tо hеlp уоu!
If уоu will nоt rесеivе оur аnswеr in 24 hоurs, plеаsе rеsеnd уоur mеssаgе!
Plеаsе аlwауs сhесk SPАM fоldеr!
* Writе оn English оr usе prоfеssiоnаl trаnslаtоr
In subjесt linе writе уоur pеrsоnаl ID: 5C38708BD2981***
Fоr уоur аssurаnсе уоu саn аttасh up tо 3 smаll еnсrуptеd filеs tо уоur mеssаgе. Wе will dесrуpt аnd sеnd уоu dесrуptеd filеs fоr frее.
* Plеаsе nоtе thаt filеs must nоt соntаin аnу vаluаblе infоrmаtiоn аnd thеir tоtаl sizе must bе lеss thаn 5Mb.
Plеаsе dоn’t wоrrу!
Bе surе thаt уоur dаtа саn bе RESTОRED TОDАY!
Wе аrе in tоuсh 24/7 аnd rеаdу tо hеlp уоu!
If уоu nоt rесеivеd оur аnswеr plеаsе rеsеnd уоur mеssаgе tо аll е-mаil аdrеssеs!
In the note, scammers specify an email address by which the user can contact them. As a rule, the sum of redemption can reach several hundred dollars. An important detail is that all operations must be carried out in a cryptocurrency. In this way, attackers try to avoid prosecution. Be that as it may, we do not recommend you to pay, as there is no guarantee that scammers really decrypt your files. Below you can see our guides to try to delete AG88G and decrypt your files.
The lion’s share of penetrations of threats of this type is the unprotected network settings of the user. As a rule, AG88G appears as an attachment in a spam e-mail or as a false update. Anyway, you need to use paid versions of antiviruses to protect your files and the system as a whole. Below are instructions for removing AG88G.
Well, there are 2 options for solving this problem. The first is to use an automatic removal utility that will remove the threat and all instances related to it. Moreover, it will save you time. Or you can use the Manual Removal Guide, but you should know that it might be very difficult to remove AG88G ransomware manually without a specialist’s help.
If for any reason you need to recover deleted or lost files, then check out our article Top 5 Deleted File Recovery Software
AG88G Removal Guide
Remember that you need to remove AG88G Ransomware first and foremost to prevent further encryption of your files before the state of your data becomes totally useless. And only after that, you can start recovering your files. Removal must be performed according to the following steps:
- Download AG88G Removal Tool.
- Remove AG88G from Windows (7, 8, 8.1, Vista, XP, 10) or Mac OS (Run system in Safe Mode).
- Restore .AG88G files
- How to protect PC from future infections.
How to remove AG88G ransomware automatically:
Norton is a powerful antivirus that protects you against malware, spyware, ransomware and other types of Internet threats. Norton is available for Windows, macOS, iOS and Android devices. We recommend you to try it.
If you’re Mac user – use this.
Manual AG88G Removal Guide
Here are step-by-step instructions to remove AG88G from Windows and Mac computers. Follow these steps carefully and remove files and folders belonging to AG88G. First of all, you need to run the system in a Safe Mode. Then find and remove needed files and folders.
Uninstall AG88G from Windows or Mac
Here you may find the list of confirmed related to the ransomware files and registry keys. You should delete them in order to remove virus, however it would be easier to do it with our automatic removal tool. The list:
AG88G.dll
_readme.txt
readme.txt
Windows 7/Vista:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to AG88G by using Removal Tool;
- Delete found files;
Windows 8/8.1:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to AG88G by using Removal Tool;
- Delete found files;
Windows 10:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to AG88G by using Removal Tool;
- Delete found files;
Windows XP:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to AG88G by using Removal Tool;
- Delete found files;
Mac OS:
- Restart the computer;
- Press and Hold Shift button, before system will be loaded;
- Release Shift button, when Apple logo appears;
- Find programs or files potentially related to AG88G by using Removal Tool;
- Delete found files;
How to restore encrypted files
You can try to restore your files with special tools. You may find more detailed info on data recovery software in this article – recovery software. These programs may help you to restore files that were infected and encrypted by ransomware.
Restore data with Stellar Data Recovery
Stellar Data Recovery is able to find and restore different types of encrypted files, including removed emails.
- Download and install Stellar Data Recovery
- Choose drives and folders with your data, then press Scan.
- Select all the files in a folder, then click on Restore button.
- Manage export location. That’s it!
Restore encrypted files using Recuva
There is an alternative program, that may help you to recover files – Recuva.
- Run the Recuva;
- Follow instructions and wait until scan process ends;
- Find needed files, AG88G them and Press Recover button;
How to prevent ransomware infection?
It is always rewarding to prevent ransomware infection because of the consequences it may bring. There are a lot of difficulties in resolving issues with encoders viruses, that’s why it is very vital to keep a proper and reliable anti-ransomware software on your computer. In case you don’t have any, here you may find some of the best offers in order to protect your PC from disastrous viruses.
Malwarebytes
SpyHunter is a reliable antimalware removal tool application, that is able to protect your PC and prevent the infection from the start. The program is designed to be user-friendly and multi-functional.