Cdtt ransomware belongs to the STOP/DJVU family and it ciphers your files on compromised systems & asks you to pay a ransom for the decryption key. If your computer is infected with the .cdtt virus, how can you remove it? Follow the guide offered by MiniTool.

What Is Cdtt Ransomware

In recent years, ransomware attacks have become a notorious and extremely destructive type of cyberattack. Recently, the famous one is Cdtt ransomware that is the part of STOP/DJVU family which is famous for malicious file ciphering.

When the Cdtt virus invades the system, it could target various types of files like pictures, videos, documents, and other files. Then, it encrypts these files and appends the “.cdtt” extension to them, rendering them inaccessible and unusable. For instance, it renames “1.png” to “1.png.cdtt”, “2.docx” to “2.docx.cdtt”, etc.

The Cdtt ransomware drops a ransom note named “readme.txt” on the PC desktop to ask for a ransom payment in Bitcoin from its victims, ranging from $490 to $980 for the decryption key to restore access to encrypted files. The ransom note offers contact emails to victims – [email protected] and [email protected].

readme.txt Cdtt

This ransomware uses the Salsa20 encryption algorithm, which is almost impossible to hack. Attempting to use the already compromised decryption keys could be a method, but the possibility is also low. If the ransom is not paid within a specified timeframe, victims will face threats of increased ransom amounts or data loss.

If you cannot open your files and find the .cdtt extension, this PC has suffered from this insidious ransomware. So, what to do when encountering the .cdtt virus? Try these tips below.

How to Perform Ransomware Recovery and How to Protect Your Data
How to Perform Ransomware Recovery and How to Protect Your Data

How to perform the ransomware recovery? How to protect your data from being attacked again? This post provides the answers for you.

Read More

Back up Important Files

When confronted with the Cdtt ransomware, you had better create a backup for your important files that are not marked as .cdtt to prevent the virus from encrypting them. You should store the backup on an external hard drive or a USB flash drive to avoid infection.

To back up your files, we recommend using MiniTool ShadowMaker which stands out from many backup software. It supports automatic file backup and incremental & differential backups to keep your data safe in a great way. Download its Trial Edition and install it on your Windows 11/10/8.1/8/7 for data backup.

MiniTool ShadowMaker TrialClick to Download100%Clean & Safe

Step 1: Connect a USB drive or external drive to the PC that has .cdtt files. Then, launch MiniTool ShadowMaker and click Trial Edition.

Step 2: Under Backup, click SOURCE > Folders and Files to select files to back up. And, click DESTINATION to choose a drive as the storage path.

Step 3: Click Back Up Now to begin file backup.

back up files

How to Remove .Cdtt Virus

Move 1. Disconnect Network Connection

It is crucial to disconnect the network connection of the infected device since some ransomware-type infections could spread throughout the entire local network.

To do this, you can unplug the Ethernet cable from the computer or disconnect the Wi-Fi connection. Or, go to access Control Panel, click Network and Internet > Network and Sharing Center > Change adapter settings, right-click on your network connection, and choose Disable.

disable network connection
How to Enable and Disable the Internet Connection on Windows?
How to Enable and Disable the Internet Connection on Windows?

In this post, we will show you how to enable and disable the internet connection on your Windows computer when it is necessary to do this.

Read More
Alternatively, you can run your PC in Safe Mode with Networking to prevent the Cdtt malicious drivers and services from loading on Windows startup. This mode only boots Windows with a limited set of services and drivers. Hold Shift when pressing Restart to enter WinRE, go to Troubleshoot > Advanced options > Startup Settings > Restart, and press F5 to enable Safe Mode with Networking.

Move 2. Run Antivirus Software to Remove Cdtt Ransomware

In Windows 11/10, you can run the built-in Windows Security to scan the entire PC for the .cdtt virus. Or download and install a third-party antivirus program like MalwareBytes before disabling the network connection or in Safe Mode with Networking. Then, launch it and perform a scan. If this antivirus software finds some threats, remove them.

Related post: Get Free Malwarebytes Downloads for Windows/Mac/Andriod/iOS

In addition to MalwareBytes, HitmanPro, ESET Online Scanner, etc. can also help you remove malicious software like Cdtt ransomware.

Move 3. Restore .Cdtt Files with Emsisoft Decryptor for STOP Djvu

In most cases, it is impossible to recover files encrypted by ransomware. For all this, you can try. Emsisoft Decryptor for STOP Djvu may help you.

Step 1: Open a web browser and download this tool.

Step 2: Run the installer and click the Decrypt button to start the decryption process.

Related post: Ransomware Prevention Tips: Protect Yourself Against Infections

Wrap Things up

That’s information on Cdtt ransomware/.cdtt virus. When you find a .cdtt file on your PC, it is infected with this ransomware. Don’t worry and you should back up other important files and try some steps to remove it.

  • linkedin
  • reddit