Jigsaw Ransomware Virus Removal (.Fun)

This page aims to help you remove the Jigsaw Ransomware Virus. These the Jigsaw Ransomware Virus removal instructions work for all versions of Windows.

Ransomwares are among the most dangerous things that can happen to your computer that don’t involve physical destruction. What sets them apart from other viruses is the fact that they encrypt the files on your PC and then demand a ransom for them – hence the name.

Unfortunately, there’s little to no way of knowing you’ve been infected before it’s too late and you’ve lost access to your files. If, however, you do suspect there might be something amiss with your PC, it might be because it’s running extremely slow. The best way to check whether you do, in fact, have the Jigsaw Ransomware Virus installed on your computer is to search the Task Manager for processes using the most RAM. In case you notice something suspicious, shut down your computer immediately and seek help from a professional. As pointed out – the Jigsaw Ransomware Virus is an extremely dangerous malware that can cause extensive damage to the data stored on your machine.

How the Jigsaw Ransomware Virus could have entered your computer

Viruses of this type are usually distributed with the help of Trojans. For example, they can be sent as emails with an infected file attached, which, once opened, unleashes the malicious program into your system. Alternatively, there may be a link in them, which leads to a website where the Jigsaw Ransomware Virus would be automatically downloaded from.

Please note that the encryption process may take a while, which is also why there is a possibility of discovering it in time, as described above. The process itself involves encrypting your data storing files with the help of two encryption keys. One is public and shared with you, the other is private and is what the hackers will try to sell to you. Decrypting your files is impossible without access to both keys. There are alternative solutions to this problem, discussed below.

Most times these programs are so stealthy, that you’ll have no idea of their presence until their evil creators finally request a ransom for the key to the encrypted files. As soon as the dirty task has been finished, it is usually followed by a message informing you that your files have been encoded and threatening to dispose of them, if you do not pay the requested amount.

What NOT to do

Of course, deciding how to proceed is entirely up to you, but here are several aspects you should consider before rushing into taking any action. For one – attempting the alternative recovery methods illustrated in this article will not endanger your files in any way, even though that is what they will try and scare you into believing. The methods described in this guide aren’t 100% effective and there is a chance that some of your files might not be recovered. Should this be the case, even after you’ve completed all the steps in this guide, and there are files encrypted worth paying a ransom for, you might decide to go ahead and do that. However, the very reason why hackers create these viruses and send them circulating across the web is to earn money on them. By paying these people – you’d be encouraging them to continue and that is encouragement enough, because they are notoriously difficult to trace and put down by the authorities. Therefore, they don’t exactly fear prosecution.

Additionally, say you’ve paid the money and received the encryption key, there is still no guarantee that it will work flawlessly and all files and data will be restored. That being said, there’s really no guarantee you will receive the key to begin with; which will leave you in the same position, only with a lighter wallet.

the Jigsaw Ransomware Virus’s increasing popularity

Ransomwares have been around for quite some time now – they date back to the nineties and were initially present in Russia only. Today things have taken a turn for the worse in this department. the Jigsaw Ransomware Virus and others like it are gaining increasing popularity each day and part of the explanation is the crypto currency Bitcoin. Bitcoins are impossible to trace, so when hackers are paid in them, it leaves no tracks to follow them by.

With this in mind, it is wise to protect your computer with a good antivirus program and always be alert for suspicious messages and/or emails, especially those with attachments in them. Naturally, avoiding obscure websites and clicking on banners and ads you’re unsure of are simple safety measures you should abide to, in order to prevent harmful programs like the Jigsaw Ransomware Virus from installing themselves on your computer.


Name Jigsaw
Type Ransomware
Danger Level High (Will make your personal data unreadable and blackmail you for its restoration)
Symptoms Your PC may experience a general slowdown while your files are getting encrypted, once that’s over its already too late.
Distribution Method Commonly installed with the help of a trojan horse virus code, that will in turn download the ransomware executable from a remote TOR server.
Detection Tool Ransomware may be difficult to track down. Use SpyHunter – a professional parasite scanner – to make sure you find all files related to the infection.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you’ll need to purchase the full version.
More information about SpyHunter and steps to uninstall.

Remove the Jigsaw Ransomware Virus

Jigsaw Ransomware Virus Removal (.Fun)

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Jigsaw Ransomware Virus Removal (.Fun)


Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 

Jigsaw Ransomware Virus Removal (.Fun)

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Jigsaw Ransomware Virus Removal (.Fun)
Drag and Drop File Here To Scan
Jigsaw Ransomware Virus Removal (.Fun)
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    After you open their folder, end the processes that are infected, then delete their folders. 

    Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.

    Jigsaw Ransomware Virus Removal (.Fun)

    Hold the Start Key and R –  copy + paste the following and click OK:

    notepad %windir%/system32/Drivers/etc/hosts

    A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

    Jigsaw Ransomware Virus Removal (.Fun)

    If there are suspicious IPs below “Localhost” – write to us in the comments.

    Type msconfig in the search field and hit enter. A window will pop-up:

    Jigsaw Ransomware Virus Removal (.Fun)

    Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.

    • Please note that ransomware may even include a fake Manufacturer name to its process. Make sure you check out every process here is legitimate.

    Jigsaw Ransomware Virus Removal (.Fun)

    Type Regedit in the windows search field and press EnterOnce inside, press CTRL and F together and type the virus’s Name. 

    Search for the ransomware  in your registries and delete the entries. Be extremely careful –  you can damage your system if you delete entries not related to the ransomware.

    Type each of the following in the Windows Search Field:

    1. %AppData%
    2. %LocalAppData%
    3. %ProgramData%
    4. %WinDir%
    5. %Temp%

    Delete everything in Temp. The rest just check out for anything recently added. Remember to leave us a comment if you run into any trouble!

    Jigsaw Ransomware Virus Removal (.Fun) 

    How to Decrypt Jigsaw files

    We have a comprehensive (and daily updated) guide on how to decrypt your files. Check it out here.

    If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


    About the author


    Violet George

    Violet is an active writer with a passion for all things cyber security. She enjoys helping victims of computer virus infections remove them and successfully deal with the aftermath of the attacks. But most importantly, Violet makes it her priority to spend time educating people on privacy issues and maintaining the safety of their computers. It is her firm belief that by spreading this information, she can empower web users to effectively protect their personal data and their devices from hackers and cybercriminals.

    Leave a Comment