SNTG is a sophisticated ransomware variant which aims at encrypting user files in order to demand a ransom for their decryption key. SNTG informs the attacked users about the required ransom amount by displaying a warning on their screens.


The SNTG Ransomware will show you this message when it is finished encrypting your files.

This ransomware begins the file encryption process as soon as you have been infected and typically doesn’t show any symptoms of its activity until it completes its agenda. SNTG typically targets different file  types including documents, databases, archives, personal audio and video files, images and more. Once they become encrypted, the malware shows a .txt notification on the computer’s screen to inform the victims about the attack. The hackers behind this infection usually ask you to send some money to their cryptocurrency account. In exchange for that, they promise to give you the corresponding decryption key for your data. The crooks normally have clear instructions on how to pay them and set a firm deadline after which you won’t be able to “purchase” the decryption key anymore.

Unfortunately, as a result of the SNTG attack, users can permanently lose access to important information that they store on their computers. Moreover, this can also trigger significant personal or business-related losses, especially if the encrypted files contain specific details or are of great value to the user and their business. Fortunately, this does not always have to be the case because there are some methods that may help you minimize the negative consequences to some extent.

In the removal guide below you will find some of these methods explained, and will also find instructions on how to remove SNTG from your computer. A big note to remember here is that you first need to carefully remove the ransomware if you’ve decided to follow the file-recovery steps of the guide. This is critical because any attempt to recover data without eliminating the infection would be unsuccessful. Not to mention that even if you manage to retrieve some of your files, they may get encrypted again if the virus is present on the device.

The SNTG Ransomware

The SNTG virus is a ransomware infection which puts pressure on its victims to pay ransom to retrieve their files. The SNTG virus functions in absolute secrecy and when it is running, it’s almost impossible to identify and delete it.

Unfortunately, most antivirus programs are not very successful in detecting ransomware variants such as SNTG either, because the malware-induced file encryption is not a process that causes destruction, corruption or system malfunction. The targeted files have no real harm done to them and, respectively, there is nothing that can cause an antivirus response. This helps the malware to successfully complete its agenda without being interrupted and take its victims by surprise. Unfortunately, out of fear, many people opt for the ransom payment demanded by the crooks behind SNTG. Sadly, many of them never get a decryption key but only lose their money and get fooled.

The SNTG file encryption

The SNTG file encryption is an elaborate process that turns digital files into unreadable bits of data. The SNTG file encryption process runs in secrecy and normally does not trigger response from most antivirus programs.

Our “How to remove” team has published a free SNTG removal guide below, where we recommend some ways to avoid paying the ransom the anonymous hackers are asking for and some instructions for recovery of your encrypted data. Of course, we must warn you that our suggestions cannot guarantee that everything will be back to normal after the ransomware’s attack. However, we invite you to give them a try in case you wish to explore some roundabouts to the ransom payment.


Type Ransomware
Danger Level High (Ransomware is by far the worst threat you can encounter)
Symptoms Very few and unnoticeable ones before the ransom notification comes up.
Distribution Method From fake ads and fake system requests to spam emails and contagious web pages.
Data Recovery Tool [banner_table_recovery]
Detection Tool

Not Available

SNTG Virus Removal


Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).



Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous.


Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at:

Scan Results

Virus Scanner Result

After you open their folder, end the processes that are infected, then delete their folders.

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.


Hold the Start Key and R copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:


If there are suspicious IPs below “Localhost” – write to us in the comments.

Type msconfig in the search field and hit enter. A window will pop-up:


Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.

  • Please note that ransomware may even include a fake Manufacturer name to its process. Make sure you check out every process here is legitimate.


Type Regedit in the windows search field and press Enter. Once inside, press CTRL and F together and type the virus’s Name.

Search for the ransomware in your registries and delete the entries. Be extremely careful – you can damage your system if you delete entries not related to the ransomware.

Type each of the following in the Windows Search Field:

  1. %AppData%
  2. %LocalAppData%
  3. %ProgramData%
  4. %WinDir%
  5. %Temp%

Delete everything in Temp. The rest just check out for anything recently added. Remember to leave us a comment if you run into any trouble!


How to Decrypt SNTG files

We have a comprehensive (and daily updated) guide on how to decrypt your files. Check it out here.

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


About the author


Lidia Howler

Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her strive for simplicity and well-researched information provides users with easy-to-follow It-related tips and step-by-step tutorials.

Leave a Comment