Severity scale:  
  (99/100)

Black Shades ransomware. How to remove? (Uninstall guide)

removal by Ugnius Kiguolis - - | Type: Ransomware

Black Shades virus: is it really so dangerous?

If you use the Internet daily and read IT news from time to time, you might be aware of the current boom of ransomware. Among the new “celebrities” – Black Shades virus. Like other ransomware, CryptXXX, Green_Ray, this virus is also set to encrypt personal data and coax out money for it. Though it employs an exquisite algorithm, the virus asks for a small amount of money. However, this might be an omen for latter severe outcomes. Thus, do not waste time and start preparing for Black Shades removal. For that purpose, Reimage is a useful tool.

The most striking feature of Black Shades ransomware is that it asks for a surprisingly small amount of ransom – only 30$ dollars. However, if your files are of great importance, you might instantly fall into the trap of hackers and pay the money. Instead, you should try to use data recovery tools, such as PhotoRec or R-studio, and think how to remove Black Shades.

Questions about Black Shades ransomware

Moving on, the threat uses the same encryption method as other infamous viruses – RSA-4096. There are suspicions that the malware is just an experiment released by inexperienced hackers. It might explain why the ransom is so ridiculously small in comparison with other greedy ransomware which demand several hundreds of dollars. After finishing its misdeed, Black Shades malware creates YourID.txt and hacked.txt. They are presented in the English and Russian languages. Regarding the language style of the former version, the cyber criminals do not seem to be native English speakers. On the other hand, such manner of addressing victims might be deliberate.

The note of Black Shades virus

When you read the text file with the instructions, Black Shades urges you to contact silentshade@protomail.com. Afterward, you are advised to enter http://daftoraytg.com and follow further payment instructions. After the money is transferred, hackers ensure the return of the files. After you access the web page, you are redirected to the domain containing Black Shades File Decrypter. It is supposed to decode the files. Summing up, you should not play along with hackers and remain vigilant and concentrate on the elimination process instead.

How did the virus invade the system?

It is likely that menacing trojan, called Blackshades, which struck thousands of users worldwide back in 2010, has been revived. There is a probability that the ransomware used the disguise of this malware. Originally, the malware was used as a tool to control victims’ computers remotely. Therefore, due to the technical characteristics, the trojan comes in handy in hiding Black Shades or any other ransomware. After sneaking into the computer, the trojan releases its terrifying content – the ransomware. In addition, the virus may attempt to infect computers via spam email attachments. If you receive an email which asks you to fill a certain governmental form or take a look at the attached invoice, despite how official it may look, do not open the email nor the attached file. Hackers have become really good at deceiving users with false invoices, emails from a post office, etc.

Black Shades removal method

Taking into account the complex algorithm used by Black Shades virus, the most effective way to deal with Black Shades virus is to terminate it using an anti-spyware program. It is specifically programmed to delete malware, trojans, worms and ransomware. You can be sure that it will locate all scattered files of this menace. We would like to remind you that in order to remove Black Shades completely, it is important to download the newest version of the software so that it could obtain latest virus definitions. If by any chance, you struggle to monitor your computer, and it seems that it is fully overtaken by the virus, use the recovery guidelines displayed below.

Offer
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
More information about this program can be found in Reimage review.

If you decided to select another anti-spyware, uninstall Reimage from your computer.
Press mentions on Reimage
Alternate Software
Malwarebytes
Alternate Software
Malwarebytes

To remove Black Shades virus, follow these steps:

Remove Black Shades using Safe Mode with Networking

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove Black Shades

    Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete Black Shades removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove Black Shades using System Restore

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of Black Shades. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with Reimage and make sure that Black Shades removal is performed successfully.

About the author

Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Ugnius Kiguolis
About the company Esolutions