Skip to content
  • Active
  • Severity: High
  • Ransomware
  • Windows
  • Verified · Sep 2018

How to remove NOT_OPEN LOCKER ransomware

A step-by-step removal guide for affected devices. Follow the verified procedure below — most readers complete it in under 10 minutes.

Lucia Danes · Virus researcher

NOT_OPEN LOCKER is a ransomware which is classified as a new version of Everbe virus

NOT_OPEN LOCKER ransomware image

NOT_OPEN LOCKER ransomware is a file-encrypting virus which emerged from Everbe ransomware virus. Once it enters the system, this crypto-malware starts encrypting data and files are marked with .[notopen@countermail.com].NOT_OPEN extension. Victims receive !_HOW_RECOVERY_FILES_!.txt ransom note which urges to contact the criminals via notopen@countermail.com email address. 

Name NOT_OPEN LOCKER
Type Ransomware
Danger level High. Makes data unreadable
Precursor Everbe ransomware
Extension .[notopen@countermail.com].NOT_OPEN
Email address notopen@countermail.com
Amount of the ransom Unknown
Ransom note !_HOW_RECOVERY_FILES_!.txt
Decryption tools Official NOT_OPEN LOCKER decryption software is still under development
Distribution It is distributed via infected spam emails
Removal The only way to uninstall NOT_OPEN LOCKER ransomware is to get a robust antivirus. Additionally, you can get rid of the virus damage with FortectIntego

Usually, malicious programs like NOT_OPEN LOCKER virus enter the system if one opens an infected email attachment. Once clicked, it drops the payload and starts encrypting valuable information. After data encryption[1], all files become unusable, and victims merely can see the ransom note. Here is the fraction of it:

2. [ HOW TO RECOVERY FILES? ]
To receive the decryption program write to email: notopen@countermail.com
And in subject write your ID: ID-902d495a94
We send you full instruction how to decrypt all your files.
If we do not respond within 24 hours, write to the email: not.open@mailfence.com

Criminals behind NOT_OPEN LOCKER malware inform people about the infection and urge to contact them via one of the identified email addresses. Additionally, they try to gain users' trust by promising to decrypt up to three files for free. However, experts warn that hackers should not be trusted. 

NOT_OPEN LOCKER ransomware illustration

We advise you to NEVER pay the ransom as there are alternative ways how to decrypt files which are encrypted by NOT_OPEN LOCKER ransomware. Although, first you should remove NOT_OPEN LOCKER virus from your computer with a professional antivirus. 

Researchers have prepared guidelines which can help you restore encoded files after NOT_OPEN LOCKER removal. You can find them at the end of this article or install FortectIntego to fix virus damage. 

Spam emails carry malicious programs inside

It is essential to understand that spam emails might be dangerous and include either malicious scripts or payloads of malware. This is the primary distribution source for ransomware and similar cyber threats. Therefore, you should learn how to identify a potential attempt to infiltrate malware.

Usually, spam emails might look legitimate and innocent. Criminals design them to resemble well-known companies or brands. Likewise, they may even include a logo or other recognizable item. However, malicious emails also try to create urgency to open an attachment or click on the link.

If you have any suspicions, you should contact the company directly and ask to confirm the electronic letter. Furthermore, avoid clicking on unknown commercial content online, such as ads, banners[2], surveys or unverified links. 

NOT_OPEN LOCKER ransomware elimination guidelines

Researchers[3] note that ransomware-type infections are the most dangerous ones. Thus, regular computers might not be able to remove NOT_OPEN LOCKER on their own and even damage their system. The best option is to get professional help to deal with file-encrypting viruses.

You should install a reliable anti-malware for NOT_OPEN LOCKER removal. You can either use one from the list below or pick your own. Run a full systems scan and let it identify ransomware-related files. Later, put them into quarantine and delete permanently.

If you are unable to download and install the security tool, boot your computer into Safe Mode. Instructions showing how to do it are appended below together with alternative file recovery steps. Please, be attentive and follow them strictly to avoid any potential damage to your system.

Be the first to comment

Spyware news
Privacy preferences

We use cookies to improve your experience and analyze traffic. Some cookies enable embedded content like videos and social posts. Choose what you allow — you can change this anytime.