BigEyes Ransomware Add ".Lime" Extension To The Encrypted Files
BigEyes Ransomware is detected as yet another file encrypting ransomware by the malware researchers. Its detection was announced by the security experts recently on 15th January 2018. It follows smart infecting technique to penetrate into your PC to do noxious activities to endanger your most important files. The malware is responsible for encrypting your valuable files such as images, audio, videos, spreadsheets, official doc files, e-books, pdfs, notes and databases etc. The malicious group of developers behind the malicious ransom virus start following the encryption on system after collecting all the mentioned file types. This malware is found to follow standard data encryption on the system to mentioned files. The encoded files can be easily identified with their white color icon and with the file names with added ".Lime" extension along with their originals file names. Then it demand a ransom of $100 USD in Bitcoin (equals to 0.009430 BTC) to "1PNh6dmaUtv96C7ezTdUqVvfWBUYuCBbUM" wallet address. The hackers also send an email address "[email protected]" to the victims to make contact to the hackers to get payment instruction.
| Name | BigEyes Ransomware |
| Ransom Note | 'All your files have been encrypted But You can still recover your files Just send us 100$ Bitcoin, And we will give you your files back After you pay us, send us email [email protected] include your transaction number This is Ransomware, It's not a joke Thanks Bye' |
| Target Files | photo files, music, videos, office files, notes, eBooks and databases |
| Hacker Email | [email protected] |
What Are The Main Reasons Behind The Penetration of BigEyes Ransomware?
Generally the hackers uses several smart infiltration tricks to get into your system and drop infections of BigEyes Ransomware. The hackers uses "BigEyesexe" automatic executable files that might send along with the crafted emails that seems as legitimate comes from a famous company or an official mail. When you download on your system the the hidden executable start running on the system and got infected with the malware. It rapidly spread on entire system. This kind of infections distribution is very common these days so you should always be aware while checking your emails and you are highly suggested to avoid suspicious or spam looking emails because these are the main source of infection distribution on system.
What Should You Do To Deal With BigEyes Ransomware Next?
If system got infected with BigEyes Ransomware then you can not stop it to do their malicious activities. You can only do it by following a successful removal of ransomware. You should use a strong anti-malware to remove BigEyes Ransomware from infected system. Hackers also provide a fake decryptor tool to tricks you but you should not get into their traps. You can follow recovery by running kept backup on the affected system to get all your damaged file back to work on machine with ease.
Free Scan your Windows PC to detect BigEyes Ransomware
Remove BigEyes Ransomware From Your PC
Step 1: Remove BigEyes Ransomware in Safe Mode with Command Prompt
- First of all disconnect your PC with network connection.
- Click restart button and keep pressing F8 key regularly while system restart.
- You will see “Windows Advanced Options Menu” on your computer screen.
- Select “Safe Mode with Command Prompt” and press Enter key.
- You must login your computer with Administrator account for full privilege.
- Once the Command Prompt appears then type rstrui.exe and press Enter
- Now follow the prompts on your screen to complete system restore.
Step 2: Remove BigEyes Ransomware using MSConfig in Safe Mode:
- Power off your computer and restart again.
- While booting press the “F8 key” continuously to open “Windows Advanced Options Menu”.
- Use the arrow keys to select “Safe Mode” option and press Enter key.
- Once system get started go to Start menu. Type “msconfig” in the search box and launch the application.
- Go to the Startup tab and look for files from %AppData% or %Temp% folders using rundll32.exe. See an example below:
C:\Windows\System32\rundll32.exe C:\Users\username\appdata\local\temp\regepqzf.dll,H1N1
- Disable all the malicious entries and save the changes.
- Now restart your computer normally.
Step 3 : Kill Malicious Process Related To BigEyes Ransomware
- Press Alt+Ctrl+Del buttons together.
- It will open the Task manager on your screen.
- Go to Process Tab and find BigEyes Ransomware related process.
- Click the End Process Now button to stop the running process.
Step 4 : Remove BigEyes Ransomware Virus From Registry Entry
- Press “Windows + R” key together to open Run Box.
- Type “regedit” and click OK button.
- Find and remove BigEyes Ransomware related entries.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Now hopefully you have completely removed the BigEyes Ransomware virus from your computer. If you are still get ransom message from the threat or unable to access your files, then it means that virus still remain into your computer. In such situation you don’t have any other option except removing this virus using any powerful malware removal tool.
Whereas if you have any backup of your infected or encrypted files, then you can also reinstall your Windows OS. This will erase all your files and data as along with the BigEyes Ransomware infection. You will get a completely empty computer system with no files. Now you can use your backup to get your files. If you don’t have any backup then using malware removal tool is a better option for you.
If you have any query or question regarding your computer, then you can easily ask your problem to our experts. Go to the Ask Any Question page and get the answer for your query directly from out experts.
Related Posts
Tips To Uninstall Howareyou Ransomware- Dusk Ransomware Deletion: Easy Guide To Uninstall Dusk Ransomware Completely
- Guide To Delete YAYA Ransomware
- Tips For Deleting Bepabepababy Ransomware from Windows 10
- Complete Guide To Uninstall Hupstore Ransomware from Windows 8
- Uninstall F0x ransomware from Windows 10