The IGAL ransomware is a malicious program that encrypts the personal documents found on the victim’s computer with the “.igal” extension, then displays a message which offers to decrypt the data if payment is made. As predecessors, I am looking for information on how to remove this malicious program. Is there any program to remove this program or is it actually impossible to recover files without a unique key?
Asked
Active
Viewed 113 times
0
-
1Does this answer your question? [Help! Ransomware encrypted my files. What do I do now?](https://security.stackexchange.com/questions/225873/help-ransomware-encrypted-my-files-what-do-i-do-now) – user Jan 20 '21 at 16:38
-
This appears to be a variant of STOP(Djvu) ransomware. You may have some luck with Emsisoft Decrypter. – Simpleton Jan 20 '21 at 19:33
1 Answers
0
You don't remove ransomware, because when you know a ransomware is on your system, it's already too late. You either have good backups in place, or you keep from getting infected. What you can do is to recover from the damage.
If you can recover the files without paying, it depends on how the ransomware was built. Earlier versions had issues with the crypto setup and sometimes you could recover the files without paying, but those cases are getting rarer every day.
You can wait to see if someone breaks its encryption, or pay for the key. There's no other way.
ThoriumBR
- 51,983
- 13
- 131
- 149