Tag: .int file extension

How to remove INT ransomware

INT ransom note: ::: Greetings ::: Little FAQ: .1. Q: Whats Happen? A: Your files have been encrypted. The file structure was not damaged, we did everything possible so that this could not happen. .2. Q: How to recover files? A: If you wish to decrypt your files you will need to pay us. .3. Q: What about guarantees? A: Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will cooperate with us. Its not in our interests. To check the ability of returning files, you can send to us any 2 files with SIMPLE extensions(jpg,xls,doc, etc... not databases!) and low sizes(max 1 mb), we will decrypt them and send back to you. That is our guarantee. .4. Q: How to contact with you? A: You can write us to our mailboxes: integra2022@tutanota.com or insomnia1986@tutanota.com .5. Q: How will the decryption process proceed after payment? A: After payment we will send to you our scanner-decoder program and detailed instructions for use. With this program you will be able to decrypt all your encrypted files. .6. Q: If I don’t want to pay bad people like you? A: If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause only we have the private key. In practice - time is much more valuable than money. :::BEWARE::: DON'T try to change encrypted files by yourself! If you will try to use any third party software for restoring your data or antivirus solutions - please make a backup for all encrypted files! Any changes in encrypted files may entail damage of the private key and, as result, the loss all data. This is the end of the note. Below you will find a guide explaining how to remove INT ransomware.

What is INT ransomware?

INT ransomware is a new strain of the Makop virus. As a ransomware program, it encrypts the files of its victims’ computers in order to demand payment for their decryption. However, these programs tend to do more than that; for example leaving a ransom note is pretty essential to this criminal operation.
INT is not an exception to this rule; it leaves a simple, if somewhat lengthy, note called “+README-WARNING+.txt”. You may read the full text of the note on the image above, if you wish. To recap, the hackers simply tell the victim to contact them, and do not mention any specific sum of money.
Files encrypted by INT have their name changed. The virus adds an ID, one of the hackers’ e-mails, and finally the .INT file extension to the names. This is how the virus got its name.
Paying these hackers is generally a bad idea. You will, obviously, lose money, but also open yourself to more attacks in the future, and might not even get your files back at all. So we’ve prepared a guide explaining other ways to remove INT ransomware and decrypt .INT files.

Scroll to top