.Pox File Virus (Bulba Ransomware) – Remove It + Recover Files

.Pox File Virus is a recently found file locking malware which is a variant of Bulba Ransomware. This nasty threat get into your machine and encrypt your files, documents, database, backup everything using powerful cryptographic algorithm after which its adds .Pox extension to your files names to make them locked. This nasty Bulba .Pox Ransomware will also leave ransom note on your computer to demand extortion money. After the encryption you will find that all your files are containing an extra .Pox extension at the end like if your file name was “1.jpg” then it will get changed to “1.jpg.Pox” and you won’t be able to access those files.

.Pox File Virus : Threat Analysis

 Name .Pox File Virus (Bulba Ransomware)
 Type Ransomware, Cryptovirus
 Family Phobos Ransomware
 Extension .Pox
 Description Encrypt all your files and demand ransom to give decryption key.
 Symptoms You will not be able to access any files on your system. You will find Ransom note in each folder demanding money.
 Distribution  Spam Emails, Email Attachments, bundled freeware, porn or torrent sites
 Detection Tool Download Automatic Removal Tool
 Data Recovery   ParetoLogic Data Recovery Pro

.Pox File Virus

When you will open the ransom note left by .Pox File Virus (Bulba Ransomware), you will find that it clearly mention that all your files are encrypted. Hackers behind this threats claims to be American and they are very sure that their encryption cannot be broken without decryption key. They are willing to give you the decryption tool and key but for a price which they do not mention in the ransom note which means you have to contact them through the given email address for more information. Hackers behind this .Pox File Virus also threatens that if your files are not recovered in 48 hours then all your files will removed. It means they are keeping a very tight leash and they want their victims to look for other options. They also advise you not to change your files and if you want then make a backup of encrypted files first which is really a good advise. Check the complete ransom note here :

All you information (documents, databases, backups and other files) this computer was encrypted using the most cryptographic algorithms.
All encrypted files are formatted .Pox.
This form files ‘.Pox’ is a joint development American Hackers.
You can only recover files using a decryptor and password, which, in turn, only we know.
It is impossible to pick it up.
Reinstalling the OS will not change anything.
No system administrator in the world can solve this problem without knowing the password
In no case do not modify the files! But if you want, then make a backup.
Drop us an email at the address – vpsimf@gmail.com
You have 48 hours left. If they are not decrypted then after 48 hours they will be removed!!!

.Pox File Virus mainly spread through bundled freeware programs, cracked software, malicious websites, porn or torrent sites, spam email attachments and other social engineering attacks. Once getting inside your machine, this nasty threat will disable your anti-virus and firewall security which will make your system more vulnerable. This Bulba Ransomware is a new malware group which means it could not be trusted because there is no guarantee that hackers will give you decrpytion key after take the money. There is no report of any user getting their files after paying the ransom fees till now, so it would be wise to not pay ransom money to hackers. It could also be possible that hackers behind this .Pox File Virus launch new version of this malware to attack your system again which will would be very unfortunate if you paid the ransom money to recover data once already. So you are advised to remove .Pox File Virus using a powerful Malware Removal Tool and recover your files using third party data recovery software.

How To Remove .Pox File Virus

The first most important thing for you is to remove this nasty Ransomware infection from your computer. It is a nasty malware infection which can keep creating new problems until you remove this threat completely from your machine. It can re-encrypt your files again if anyhow you manages to recover your files. Apart from this it can also bring other threats and malware on your system without permission. If you wait much longer, it will make several harmful changes to your system settings and registry which can make it more difficult to get rid of this nasty .Pox File Virus. So you are advised to backup all your encrypted files on a cloud drive and then delete this nasty malware from your PC. It is a highly advanced and sophisticated malware infection due to which you will need to a powerful Automatic Malware Removal Tool to remove this infection. You can download this software from the below button.

Download Automatic .Pox File Virus Removal Tool

Alternative Data Recovery Option

If the STOP Decryptor was not able to recover your files, then you can use professional data recovery software to recovery your files. ParetoLogic Data Recovery Pro software is a highly advanced and powerful data recovery suite. It can recover lost or permanently delete files. You should try the free version of this software to scan your PC. If the software can detect your files, then you will need to pay the recover all your files. But in this case you are not paying ransom money hackers. The Malware Removal Tool and Data Recovery are much more cheaper option than paying ransom money.

  • First you need to download the Data Recovery Pro Software.

Download Data Recovery Pro Now

  • After installing the software launch the program and click on Start Scan to run full scan of your PC.

Recover file encrypted by .Pox File Virus

  • When software detect all your files, then click on Recover button to get your files back.

Recover file encrypted by .Pox File Virus

Manually Remove .Pox File Virus

Part 1 – Start PC In Safe Mode With Networking

  • Press “Windows Key + R” buttons together on your keyboard.

  • Run box will appear, type “msconfig” and hit enter button.

  • System configuration box will appear on your screen.

  • Go to boot tab and select Safe boot then hit enter button.

Part 2 – Kill Malicious Process From Task Manager

  • Press “Windows Key + R” buttons together on your keyboard.

  • Run box will appear, type “taskmgr” and hit enter button to open Task manager.

  • Find malicious process related to .Pox File Virus and right click on it then click End process.

Block .Pox File Virus in Task Manager

Part 3 – Remove .Pox File Virus From Control Panel

First you should check the Control Panel of your computer and remove any unwanted program that you have not installed by yourself. It might be possible that .Pox File Virus virus is listed in Control Panel with any other random name to avoid its removal.

Remove .Pox File Virus From Windows Vista/7

  • Click on Start menu and select Control Panel.

  • Select Uninstall a program option under Programs menu.

  • Find and remove all unwanted and malicious programs related to .Pox File Virus.

Remove .Pox File Virus From Windows 7

Download Automatic .Pox File Virus Removal Tool

Remove .Pox File Virus From Windows 8/10

  • Click “Windows + R” button together to open run box.

  • Type Control Panel in the Run Box then click OK.

  • Select Uninstall a program option under Programs menu.

  • Find and remove all unwanted and harmful programs related to .Pox File Virus.

Remove .Pox File Virus From Windows 10

Part 4 – Remove .Pox File Virus From Browser

Remove From Google Chrome

  • Open Chrome browser > Click on Menu > select More Tools > Choose Extensions.
  • Find and remove malicious extension from chrome.

Remove .Pox File Virus From Chrome

Remove From Mozilla Firefox

  • Open Mozilla Firefox > Click on Menu > select Add-ons.
  • Find and remove malicious add-ons from Firefox.

Remove .Pox File Virus From Firefox

Remove From MS Edge

  • Open Edge browser > Click on More option > select settings > Choose Extensions.
  • Click on unwanted extension and hit uninstall button.

Remove .Pox File Virus From Edge

Remove From Internet Explorer

  • Open Internet Explorer > Click on Gear icon > choose Manage Add-ons.
  • Click on unwanted extension and press disable button.

Remove .Pox File Virus From Internet Explorer

Part 5 – Remove .Pox File Virus From Registry Editor

  • Press “Windows Key + R” buttons together on your keyboard.

  • Run box will appear, type “regedit” and hit enter button.

  • Windows Registry editor will appear on your screen.

  • Find and remove .Pox File Virus related keys.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe “Debugger” = ‘svchost.exe’


HKEY_LOCAL_MACHINE\SOFTWARE\Uninstall\”virus name”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = ’0′

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “xas”

HKEY_CURRENT_USER\Software\.Pox File Virus

Tips To Prevent Malware Like .Pox File Virus In Future

  • You should use a powerful and reliable anti-virus program and scan your computer regularly.
  • Check Windows Firewall security and turn it on for the real time safety form malware and viruses.
  • You must avoid visiting to malicious, porn and torrent websites to stay safe online.
  • Avoid downloading any free or unknown program from any unreliable website or link.
  • Say a big No to download cracked software, themes and wallpaper, screensaver similar products.
  • Do not click on any misleading advertisement that flash on your browser when you go online.
  • Keep your Windows OS and other software up to date to avoid vulnerabilities.
  • Download updates and software patches only from official and trusted websites.
  • Always create a system restore point when you PC is running fine for security purpose.
  • Keep backup of all your important files and data to avoid any kind of data loss situation.

Download Automatic .Pox File Virus Removal Tool

Leave a Reply