How to remove Mole66 virus and restore encrypted files

If you have been hit by ransomware and you're sure that it is the Mole66 virus, you will find useful information on this page. We offer simple and safe advice on removing Mole66 and possible ways to get back the corrupted information.

What is Mole66

Mole66 can be considered a bogeyman of modern society, and every PC user knows that if you cannot access your data and you see a ransom note, it's time to be anxious. Unfortunately, that is a valid reaction. Mole66 is the worst threat that you might face on the Net because an ordinary user has no power to eliminate it. The only situation in which you can defeat ransomware is when you are facing not a real virus but a dummy that blocks your display and attempts to trick you into making a payment. In any other case, if the ransomware was created and tuned properly, you can only trust that specialists will deal with it. If the web-criminals made a mistake and there are flaws that allow you to get your data back, we explain what you can do in this article.




The particular kind of ransomware does not actually matter, as the AES and RSA algorithms are too complex to brute-force. It requires hundreds of years to carry out all the necessary calculations on a usual home PC and, maybe, a few decades if you use super-powerful hardware. The best way to defeat powerful ransomware is to hack into it, or hack its server, to find a master key. In rare cases there is a kill switch able to stop the ransomware's activity entirely or to leave a particular computer unscathed. If anyone finds such a switch for this ransomware, or publishes decryption software, we'll update this article.


So, what would we discover if we took a glance inside Mole66? It consists of an entirely legitimate cryptographic algorithm which encrypts the files on the user's PC so that you can't use them in any way. The key used for that encryption is encrypted too, but with another algorithm. Usually, web-criminals choose the RSA and AES algorithms, which have proven themselves very complex and robust. These methods and the software based on them are freely available on the Internet, so scammers just have to develop protection mechanisms to block access to the ransomware and create a safe update and control scheme. Some viruses can act in standalone mode, so the swindlers learn of a new victim only when he writes to them and sends his ransom. The most capable ransomware is highly active and sends data to thousands of URLs to confuse malware fighters and maximize the time required to defeat it.


Here are some possibilities to check before you give up and look for a decryptor. As said in the previous paragraphs, fraudsters make mistakes, and some features of Windows might help you get your data back.


  • If you've made a backup and placed it on an external drive, just eliminate the ransomware and restore the backup. Make sure that Mole66 is fully gone, because if it isn't, all information will be spoiled instantly, including the files stored on the external hard drive.
  • If you use an account without administrator rights, you may congratulate yourself. The point is that your operating system creates backup copies of files before they are deleted or changed. Those backups are known as shadow volume copies (SVC), and the ransomware knows how to remove them. If you are working under a standard user profile, the OS asks for permission at the exact moment Mole66 tries to remove the SVC. If you saw such a prompt and declined it, the copies are safe, and you can use a dedicated program to recover the files.


If you have checked both of these things and there is no possibility to recover your data, you have to remove the malware from the computer and wait until a decryption tool is published.

How to remove Mole66

Unfortunately, you can't entirely avoid automated removal. Mole66 is very cunning, and you could miss some remnants and then suffer from them (this can happen if you connect external storage holding the backups to a machine that has not been fully cleaned). It also hides well, and you will not be able to delete it completely on your own. Here are removal instructions that cover all of this. They consist of several manual phases and an optional antivirus phase.

Removal instruction

If you are a Mac user, follow this guide: how to decrypt files on Mac.




Step 1. Boot the system into safe mode

  • Press Start
  • Type Msconfig and press Enter
  • Select Boot tab
  • Select Safe boot and press Ok

More information about Safe mode: What is Safe Mode and how to boot computer in Safe Mode


Step 2. Show all hidden files and folders

  • Press Start
  • Click on Control Panel
  • Select Appearance and Personalization
  • Click on Folder Options
  • Select View tab
  • Select Show hidden files, folders and drives
  • Press Ok


Step 3. Remove virus files


Check the following folders for suspicious files:

  • %TEMP%
  • %ProgramData%


Step 4. Fix hosts file

  • Go to %SystemRoot%\System32\drivers\etc\ folder



  • Open hosts file using Notepad or other text editor
  • Delete suspicious elements
  • Basic hosts file looks like this:
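
For Step 4, an added example (not part of the original guide) that lists every active hosts entry other than a plain localhost mapping; on recent Windows versions a stock hosts file contains only comment lines, so any other active entry deserves a look. The function name `audit_hosts` and the sample entries are constructed for illustration.

```python
import ipaddress

# Names that may legitimately map to a loopback address.
LOOPBACK_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample, not taken from an infected machine.
SAMPLE_HOSTS = """\
# On recent Windows versions the stock file holds only comment lines.
127.0.0.1    localhost
127.0.0.1    update.av-vendor.example   # inline comments are ignored
0.0.0.0      www.av-vendor.example
203.0.113.7  bank.example login.bank.example
not-an-ip    something.example
"""

def audit_hosts(text):
    """Return (line_no, address, hostname, reason) for each active entry
    that is not a plain localhost mapping."""
    findings = []
    lines = text.lstrip("\ufeff").splitlines()  # tolerate a UTF-8 BOM
    for line_no, raw in enumerate(lines, start=1):
        active = raw.split("#", 1)[0].strip()  # drop comments
        if not active:
            continue
        address, *names = active.split()
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "malformed address"))
            continue
        for name in (n.lower() for n in names):
            if ip.is_loopback and name in LOOPBACK_NAMES:
                continue  # expected default mapping
            if ip.is_loopback or ip.is_unspecified:
                reason = "name sinkholed to the local machine"
            else:
                reason = "name redirected to " + address
            findings.append((line_no, address, name, reason))
    return findings

if __name__ == "__main__":
    import os
    path = os.path.expandvars(r"%SystemRoot%\System32\drivers\etc\hosts")
    text = SAMPLE_HOSTS
    if os.path.exists(path):  # on Windows, audit the real file instead
        with open(path, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    for finding in audit_hosts(text):
        print(finding)
```

The script only reads the file; review each reported line in the editor before deleting anything.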



Step 5. Clean registry (for experienced users)

  • Click Start
  • Type Regedit.exe and press Enter
  • Clean startup registry keys
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunServices
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

Step 6. Scan computer with antivirus

SpyHunter is an antivirus tool that is not only effective but also fast and continuously evolving, and it can clean your computer of all suspicious programs. You can try SpyHunter to remove Mole66.



The SpyHunter scanner detects threats and malware for free, but to remove infected elements you need to purchase the full version of the program for $39.99.


Step 7. Disable Safe Mode and restart computer

  • Press Start
  • Type Msconfig and press Enter
  • Select Boot tab
  • Remove the check near Safe boot

How to restore files

Now that you have cleared your PC of Mole66, or at least know how to do that, let's turn to data recovery. As we said in the paragraphs above, if you use an admin account and you gave the virus access to the system, there is no way to get your files back except from backups. If that didn't happen, you still have a chance, but you will need a special recovery tool. The most efficient ones are Recuva and ShadowExplorer. They are easy to download from their official sites, which also provide detailed instructions.

  • Click Start
  • Click Control Panel
  • Click System and Security
  • Select Backup and Restore
  • Select Restore files from backup
  • Select checkpoint to restore

