How to remove Goba ransomware

What is Goba ransomware?

Goba is a ransomware-type virus discovered only a few days ago. It belongs to the STOP/Djvu ransomware family, which means it is similar to other STOP/Djvu viruses, like Qotr. That is because all these viruses share the same template.
As a ransomware program, Goba attempts to make money by encrypting the files on the infected computer. These files cannot be opened or edited in any way unless they’re decrypted. The hackers behind Goba demand money to perform this procedure. The amount of money they demand is quite significant, 980 or 490 US dollars. Evidently, the hackers are hoping that the victim would have enough valuable files to justify this price.
These demands are communicated to the victim through a text file called “_readme.txt”, which you can read on the image above. Please note, however, that this note is not unique to Goba ransomware. All Djvu viruses use the same note. As such, the note can’t be used to identify the ransomware. To do that, you need to check the extension of the encrypted files. Those encrypted by Goba have .goba file extension.
After reading all this, you’re probably wondering whether it’s possible to avoid paying the hackers. And the answer is yes. The guide below will explain how to remove Goba ransomware and decrypt .goba files without even talking to the criminal. Not all files may be recoverable, however.

Scroll to top