X

Remove program responsible for the .aesir file extension

The ransomware that crypts and modifies your files by adding the .aesir file extension is a new version of Locky, a malware that hijacks your files by crypting them so they could ask for a ransom you need to pay to have your files back. Locky usually crypts files whose extensions could show they are important data, such as .pdf, .ppt, .xls, .doc, .jpeg, etc… Some program files (.exe) especially those that belong to video games might also be affected.

As most ransomware, Locky is distributed through e-mail (sent by a botnet) messages containing a malicious attachment. Locky also deletes all backups (shadow copies) done by Windows’ VSS (Volume Snapshot Service), closing all chances of even getting your data back.

If you visit links given by the ransomware responsible for the .aesir file extension, you’ll be sent to a page filled with instructions to pay something between 0.5 BTC (around 200 euros) and 1 BTC (around 400 euros) to get the program to get your files back. There’s no way to make sure this program will actually work, therefore we strongly advice you not to pay anything.

By the time we’re writing this lines, the main infection source for the version of Locky responsible for the .aesir file extension, is e-mail.

View full solution
Michelle Lopez: