How to remove Gtys Ransomware and decrypt .gtys files

 

Gtys Ransomware Removal Tool

What is Gtys Ransomware

Being part of the Djvu and STOP virus family, Gtys Ransomware is a file-encrypting virus that has been strolling around the web since November, 2021. In fact, developers distribute a plethora of versions that vary from each other by extensions, cybercriminals’ e-mail, and other details. There are over 300 extensions that STOP Ransomware has used to attack the user’s data. In our case, STOP Ransomware appends .gtys extension to files so that they become encrypted. For instance, something like 1.mp4 will be retitled to 1.mp4.gtys and reset its default icon after infection. Sequentially, the program creates a note called _readme.txt that contains ransom information. Usually, the generated content looks very similar in all ransomware types.

Virus modifies “hosts” file to block Windows updates, downloading antivirus programs, and visiting sites related to security news or offering security solutions. Gtys Ransomware comes along with AZORult trojan, which was initially created to steal logins and passwords. The process of infection also looks like installing Windows updates, the malware shows a fake window, that mimics the update process.