.PURGE File Extension
Globe Ransomware Encrypted File
2.0 | 1 Vote
What is a PURGE file?
A file with the .purge extension has been encrypted and renamed by Globe ransomware. It could be an encrypted image, video, document, database, or other type of file. Because the file is encrypted, you cannot open it. The .purge extension is added to the file's normal extension, producing an extension like .jpg.purge.
In 2016, users began reporting the existence of Globe ransomware. Globe infects a user's computer, encrypts and renames the user's files, and then produces a ransom note named How to restore files.hta. It then automatically opens the ransom note. It also changes the user's desktop background to an image that contains characters from the movie Purge: Election Year.
How did my computer become infected by Globe ransomware?
At this time, it is unknown exactly how Globe ransomware is distributed. However, ransomware is most often distributed via spam email attachments and programs that appear to be legitimate but are actually adware and malware bundles.
Should I pay a ransom to decrypt my files?
FileInfo recommends you never pay a ransom to decrypt your files. Also, free decryption tools exist that may allow you to restore your PURGE files to their normal state.
NOTE: Variants of Globe ransomware append users' files with the .globe or .xtbl extension, instead of .purge.
How to open a PURGE file
You can decrypt PURGE files using Emsisoft Decryptor for Globe (Windows). This tool requires that you have at least one pair of encrypted and decrypted files. (For example, the file document.docx, retrieved from a backup device, and its sibling, document.docx.purge, stored on your computer.) For full instructions on how to use Emsisoft Decryptor for Globe, click the link found below.
FileInfo.com recommends you never pay a ransom to decrypt files encrypted by ransomware. Paying a ransom encourages ransomware distributors to continue their efforts, and there is no guarantee that paying a ransom will give you access to your files. Instead, you should restore your data from a recent backup created before the ransomware infected your computer.