How to remove Prometheus ransomware


What is Prometheus ransomware

Prometheus is a ransomware that encrypts files found on user`s device using the AES + RSA encryption algorithm, in order to then demand a ransom in BTC to get the files back. The extension is added to encrypted files (MS Office documents, OpenOffice, PDF, text files, databases, photos, music, videos, image files, archives). [XXX-XXX-XXXX]
Each encrypted file has the word GotAllDone at the end of the code. Prometheus ransomware spreads by hacking via email spam and malicious attachments, fake updates.

decrypt gotalldone

After encrypting files, virus creates a file RESTORE_FILES_INFO.txt , which contains a note from the developers:

YOUR COMPANY NETWORK HAS BEEN HACKED
All your important files have been encrypted!
Your files are safe! Only modified.(AES)
No software available on internet can help you.
We are the only ones able to decrypt your files.
——————————————————————————–
We also gathered highly confidential/personal data.
These data are currently stored on a private server.
Files are also encrypted and stored securely.
——————————————————————————–
As a result of working with us, you will receive:
Fully automatic decryptor, all your data will be recovered within a few hours after it’s run.
Server with your data will be immediately destroyed after your payment.
Save time and continue working.
You will can send us 2-3 non-important files and we will decrypt it
for free to prove we are able to give your files back.
——————————————————————————–
!!!!!!!!!!!!!!!!!!!!!!!!
If you decide not to work with us:
All data on your computers will remain encrypted forever.
YOUR DATA ON OUR SERVER AND WE WILL RELEASE YOUR DATA TO PUBLIC OR RE-SELLER!
So you can expect your data to be publicly available in the near future..
The price will increase over time.
!!!!!!!!!!!!!!!!!!!!!!!!!
——————————————————————————–
It doesn’t matter to us what you choose pay us or we will sell your data.
We only seek money and our goal is not to damage your reputation or prevent your business from running.
Write to us now and we will provide the best prices.
Instructions for contacting us:
_________________________________________________________________
You have two ways:
1) [Recommended] Using a TOR browser!
a. Download and install TOR browser from this site: https://torproject.org/
b. Open the Tor browser. Copy the link: http://promethw27cbrcot.onion/ticket.php?track=141-5D9-Y*** and paste it in the Tor browser.
c. Start a chat and follow the further instructions.
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a. Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b. Open our secondary website: http://prometheusdec.in/ticket.php?track=141-5D9-Y***
c. Start a chat and follow the further instructions.
Warning: secondary website can be blocked, thats why first variant much better and more available.
_________________________________________________________________
Attention!
Any attempt to restore your files with third-party software will corrupt it.
Modify or rename files will result in a loose of data.
If you decide to try anyway, make copies before that
Key Identifier:
WMl+7qUDjFv06R+4Mn7wwRJLGABA4jRM*** [всего 684 знака]

remove prometheus ransomware

With the help of such a note, developers are trying to lure money by promising to decrypt the affected files. However, such a letter cannot be trusted because it creates a note to illegally extort money. There is no guarantee that the virus will return the files to you as they were. Prometheus needs to be removed.
There are 2 options for solving this problem. The first is to use an automatic removal utility that will remove the threat and all instances related to it. Moreover, it will save you time. Or you can use the Manual Removal Guide, but you should know that it might be very difficult to remove Prometheus ransomware manually without a specialist’s help.
If for any reason you need to recover deleted or lost files, then check out our article Top 5 Deleted File Recovery Software

Prometheus Removal Guide

Warning alert
Remember that you need to remove Prometheus Ransomware first and foremost to prevent further encryption of your files before the state of your data becomes totally useless. And only after that, you can start recovering your files. Removal must be performed according to the following steps:

  1. Download Prometheus Removal Tool.
  2. Remove Prometheus from Windows (7, 8, 8.1, Vista, XP, 10) or Mac OS (Run system in Safe Mode).
  3. Restore Prometheus files
  4. How to protect PC from future infections.

How to remove Prometheus ransomware automatically:

NORTON3
Orientation: 1
I want to remove it

Norton is a powerful antivirus that protects you against malware, spyware, ransomware and other types of Internet threats. Norton is available for Windows, macOS, iOS and Android devices. We recommend you to try it.

If you’re Mac user – use this.

Manual Prometheus Removal Guide

Here are step-by-step instructions to remove Prometheus from Windows and Mac computers. Follow these steps carefully and remove files and folders belonging to Prometheus . First of all, you need to run the system in a Safe Mode. Then find and remove needed files and folders.

Uninstall Prometheus from Windows or Mac

Here you may find the list of confirmed related to the ransomware files and registry keys. You should delete them in order to remove virus, however it would be easier to do it with our automatic removal tool. The list:

Prometheus .dll
_readme.txt
readme.txt

Windows 7/Vista:

  1. Restart the computer;
  2. Press Settings button;
  3. Choose Safe Mode;
  4. Find programs or files potentially related to Prometheus by using Removal Tool;
  5. Delete found files;

Windows 8/8.1:

  1. Restart the computer;
  2. Press Settings button;
  3. Choose Safe Mode;
  4. Find programs or files potentially related to Prometheus by using Removal Tool;
  5. Delete found files;

Windows 10:

  1. Restart the computer;
  2. Press Settings button;
  3. Choose Safe Mode;
  4. Find programs or files potentially related to Prometheus by using Removal Tool;
  5. Delete found files;

Windows XP:

  1. Restart the computer;
  2. Press Settings button;
  3. Choose Safe Mode;
  4. Find programs or files potentially related to Prometheus by using Removal Tool;
  5. Delete found files;

Mac OS:

  1. Restart the computer;
  2. Press and Hold Shift button, before system will be loaded;
  3. Release Shift button, when Apple logo appears;
  4. Find programs or files potentially related to Prometheus by using Removal Tool;
  5. Delete found files;

How to restore encrypted files

You can try to restore your files with special tools. You may find more detailed info on data recovery software in this article – recovery software. These programs may help you to restore files that were infected and encrypted by ransomware.

Restore data with Stellar Data Recovery

Stellar Data Recovery is able to find and restore different types of encrypted files, including removed emails.

  1. Download and install Stellar Data Recovery
  2. Choose drives and folders with your data, then press Scan.
  3. Select all the files in a folder, then click on Restore button.
  4. Manage export location. That’s it!
Download Stellar Data Recovery

 

Aiseesoft Data Recovery

Download Aiseesoft Data Recovery Aiseesoft Data Recovery recovers deleted files (like photos, documents, emails, audio, video), and also recovers from a computer, hard drive, flash drive, memory card, digital cameras. Recover from accidental deletion, formatted partition, hard drive problem, RAW hard drive, computer crash

We hope this guide was helpful to you. Feel free to leave a comment and tell us what recovery software was (or wasn’t) effective in your case.

How to prevent ransomware infection?

It is always rewarding to prevent ransomware infection because of the consequences it may bring. There are a lot of difficulties in resolving issues with encoders viruses, that’s why it is very vital to keep a proper and reliable anti-ransomware software on your computer. In case you don’t have any, here you may find some of the best offers in order to protect your PC from disastrous viruses.

Malwarebytes

NORTON3
Orientation: 1
I want to remove it

SpyHunter is a reliable antimalware removal tool application, that is able to protect your PC and prevent the infection from the start. The program is designed to be user-friendly and multi-functional.

Leave a Reply

Your email address will not be published. Required fields are marked *