.Cry File Virus Removal

.Cry File Virus Removal.Cry File Virus Removal.Cry File Virus Removal

This page aims to help you remove .Cry for free. Our instructions also cover how any .Cry file can be recovered.

Harmful viruses and other threatening programs are all over the internet and sometimes keeping your PC and files could prove to be a very challenging task. One specific piece of malicious software that stands out from the rest by being so widely spread and difficult to deal with is the infamous .Cry file virus. This is one example of a harmful program/virus that falls under the Ransomware category – those are capable of encrypting your files and documents, which makes you unable to access them. The problem with the Ransomware type is getting bigger with each passing day, as it seems to be very popular among all sorts of hackers and cyber criminals. Newer and more advanced viruses of this kind are being created on a daily basis and .Cry file virus is one of the latest of the type. On top of that, most anti-virus programs are not suited for dealing with Ransomware. This means that if such a virus gets inside your PC, your security software might not be able to detect it, especially if you are not using a high quality anti-virus program. Here, in this article, we will attempt to help our readers get a better grasp of this malicious type of software so that they can fend them off in future. Below this article there is also a possible Ransomware removal guide, however, keep in mind that what works with one virus of this kind might not prove to be as effective with another. There are just no guarantees when it comes to Ransomware.

How do they function?

Probably most of the viruses you have heard of either aim to lay waste to one’s system and PC, spy on them or steal money from their bank accounts. None of these traits apply to a typical Ransomware virus. This type of malicious programs has a somewhat unique agenda, which is also one of the reasons why they are so difficult to deal with. Once .Cry virus penetrates your system’s defenses, it actually starts to copy your files into encrypted copies. This allows it to modify the copies, which in this case means encrypt them. After everything has been copied and locked by a sophisticated encryption, the virus deletes the original files. Sure, they all have been copied, but you cannot access those copies in order to use them. That is where the ransom part comes into play. After .Cry has made sure everything has been encrypted and locked, it displays a message on your screen which demands ransom in return for the code that your PC needs so as to read through the encryption. Detailed instructions on how to make the money transfer are also provided within the message. In most cases, the payment is made in the form of bitcoins. Since this cyber-currency is known for being untraceable, the hackers are able to retain their full anonymity without fear of being exposed. This also means that if you think that you can pay the ransom and later on somehow get your money back through lawsuits, you are gravely mistaken. Once the transfer is made, your money is gone for good.


Obviously, there are not many options to choose from if your files have already fallen prey to the malicious .Cry. Some might think that paying the ransom might not be such a bad idea after all. However, remember that nothing guarantees you that you’d actually get the code from the hacker. After all, it is an anonymous criminal that you’re dealing with. Besides, paying money to a blackmailer would only further encourage them to terrorize more and more people. Thus, our advice for you is to try out our removal guide and even if it does not solve all problems caused by the virus, it is still a much better alternative, as opposed to the Ransom payment.

Additional tips

Whatever the outcome of your current situation, you need to make sure that your machine stays clean and safe in the future. First thing you need to do in order to achieve that is to back all your important data up. Use a separate device that has no connection to the internet such as a flash memory or a portable hard-drive. Next, get yourself a high quality anti-virus program – Ransomware programs often get inside people’s computers with the help of some other nasty virus such as a Trojan Horse. Also, do not visit or download software from any shady or potentially illegal websites and delete without opening any suspicious-looking letters in your e-mail inbox. Last but not least, keep an eye of your PC’s behavior and if you notice anything odd such as unusually high CPU and RAM consumption along with less-than-normal free disk space, shut your PC down ASAP, without attaching any other devices to it, and bring it to a professional – there might be a Ransomware infection.


Name .Cry
Type Ransomware
Danger Level High (Ransomware are by far the worse threat you can encounter)
Symptoms  Increased CPU and RAM consumption for no apparent reason along with unusually little free disk space.
Distribution Method Junk mail, shady/illegal sites and with the help of other malicious viruses.
Detection Tool

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you’ll need to purchase the full version.
More information about SpyHunter and steps to uninstall.

.Cry File Virus Removal


.Cry File Virus Removal

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

.Cry File Virus Removal

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

.Cry File Virus Removal

If there are suspicious IPs below “Localhost” – write to us in the comments.

Type msconfig in the search field and hit enter. A window will pop-up:

.Cry File Virus Removal

Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.

  • Please note that ransomware may even include a fake Manufacturer name to its process. Make sure you check out every process here is legitimate.

.Cry File Virus Removal

Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are a virus. Google them or ask us in the comments.


Right click on each of the virus processes separately and select Open File LocationEnd the process after you open the folder, then delete the directories you were sent to.

.Cry File Virus Removal

.Cry File Virus Removal

Type Regedit in the windows search field and press EnterOnce inside, press CTRL and F together and type the virus’s Name. 

Search for the ransomware  in your registries and delete the entries. Be extremely careful –  you can damage your system if you delete entries not related to the ransomware.

Type each of the following in the Windows Search Field:

  1. %AppData%
  2. %LocalAppData%
  3. %ProgramData%
  4. %WinDir%
  5. %Temp%

Delete everything in Temp. The rest just check out for anything recently added. Remember to leave us a comment if you run into any trouble!

.Cry File Virus Removal 

How to Decrypt files infected with .Cry

We have a comprehensive (and daily updated) guide on how to decrypt your files. Check it out here.

Did we help? Share your feedback with us so we can help other people in need!


About the author


Brandon Skies

Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.

Leave a Comment