Prodecryptor spreads by bad torrents, corrupted websites and email attachments, and other misleading techniques.
Once inside a computer, will encrypt the computer users' files, which will provide its perpetrators with an argument to demand a ransom payment if its victims want their files back.
To display its ransom message, Prodecryptor uses a pop-up window containing a text file named 'ReadME-Prodecryptor@gmail.com.txt,' which has the following, short message:
All your files have been encrypted due to security problem with your PC. if you want to restore them, write us to the E-mail Prodecryptor@gmail.com You have ti pay for decryption in Bitcoins. The price depend on how fast your write us. After payment we will send you the decryption tool that will decrypt all your files.
The Prodecryptor Ransomware can compromise various file types and extensions. Some of the most targeted files by the Prodecryptor Ransomware attack include:
.1c, .3fr, .accdb, .ai, .arw, .bac, .bay, .bmp, .cdr, .cer, .cfg, .config, .cr2, .crt, .crw, .css, .csv, .db, .dbf, .dcr, .der, .dng, .doc, .docm, .docx, .dwg, .dxf, .dxg, .eps, .erf, .gif, .htm, .html, .indd, .iso, .jpe, .jpeg, .jpg, .kdc, .lnk, .mdb, .mdf, .mef, .mk, .mp3, .mp4, .mrw, .nef, .nrw, .odb, .ode, .odm, .odp, .ods, .odt, .orf, .p12, .p7b, .p7c, .pdd, .pdf, .pef, .pem, .pfx, .php, .png, .ppt, .pptm, .pptx, .psd, .pst, .ptx, .r3d, .rar, .raw, .rtf, .rw2, .rwl, .sql, .sr2, .srf, .srw, .tif, .wb2, .wma, .wpd, .wps, .x3f, .xlk, .xls, .xlsb, .xlsm, .xlsx, .zip.