Remove Troldesh Ransomware without Paying the Ransom

Remove Troldesh Ransomware without Paying the Ransom


Important for Troldesh victims!

Files, encrypted by Troldesh could not be the only harm done to your computer. Troldesh may still be active on your machine and may spread to other computers on your network. To detect if you are still at risk and eliminate the threat, we recommend downloading SpyHunter.

Download SpyHunter 5

Further information on SpyHunter and uninstall guide. Before proceeding, please see SpyHunter’s EULA and Threat Assessment Criteria. The Privacy Policy of SpyHunter can be found on the following link. Bear in mind that SpyHunter scanner is completely free. If the software detects a virus, you can also remove it with a delayed removal or by purchasing SpyHunter’s full version. Also, keep in mind that SpyHunter cannot restore your files and is simply an advanced malware removal software.

Troldesh is ransomware that infiltrates your computer via an infected email, encrypt your files and demands payment in order to provide a decryption code. What’s unique about that virus, however, is that a security researcher succeeded in bargaining the ransom fee with the hacker who has created Troldesh.


How Does Troldesh Ransomware Work?

Troldesh is also known as Encoder.858 or Shade, and once inside your system, it automatically locks your files. An extension .xbtl is added to each encrypted file.

Unlike other ransomware programs that display a warning message the minute they get activated on your system, Troldesh generates a message with instructions only after you try to open any of your encrypted files.

The message usually tells your files are not available until you pay the required amount. Paying the ransom, however, is not the solution. There are reported cases when the ransom has been paid, but the victim never received a decryption fee, or the files have been temporarily unlocked and soon after that the victim received the same warning – that their files are blocked and a payment is required.

Troldesh Hacker Open to Negotiations

Soon after Troldesh gained popularity, Natalia Kolesova, a Russian anti-bot analyst at Check Point, managed to initiate contact with the Russian hacker behind Troldesh.

The ransom fee she was asked to pay was €250. However, she wrote an email to the provided email address and pleaded for a discount. To her surprise, the hacker was open to a discussion and replied.

“By the end of our correspondence, I managed to get a discount of 50 percent,” Kolesova said. “Perhaps if I had continued bargaining, I could have gotten an even bigger discount.”

How to Remove Troldesh without Paying the Ransom

The best way to stay safe against any type of threat is to have your files backed up and to have a powerful anti-malware tool installed.

If your system has already been infected by Troldesh, however, you can still remove it and have your files decrypted without paying the ransom. Simply download a trustworthy anti-virus program that will perform a full system scan, detect the infection and remove it permanently for you.

The free version of SpyHunter will only scan your computer to detect any possible threats. To remove them permanently from your computer, purchase its full version. Spy Hunter malware removal tool additional information.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.