What is Potato ransomware?

Potato ransomware may have a ridiculous name, but we assure you there is nothing amusing or funny about it. The threat is serious and complex, and once it infiltrates your computer, it affects your data files. More specifically, the parasite makes your files inaccessible to you by encoding them with the AES-256 encryption. It then demands that you pay the so-called ransom in order to fix your data. Needless to say, there are no guarantees when it comes to cyber criminals and their promises. We suggest that you do not waste your money and, instead, get rid of Potato ransomware as soon as you can.

Potato ransomware

How does Potato ransomware work?

The ransomware works in the same manner as do other members of this category. It spreads online through spam emails, software bundles, fake ads, corrupted links, and so on. Once it slithers into the system, it starts the data encryption process. All valuable files including your photos, videos, documents, etc. get encrypted and have the following extension added to them: “.potato”. After the encryption is complete, the infection creates two files that contain the ransom note – “RADME.png” and “README.html” – and adds them to the desktop.

The ransom note claims that in order to get your files back you have to download the TOR browser, go to the payment website, enter the ID number, and click “”GET KEY”. Further instructions are supposed to appear on the screen explaining how you can transfer the money. As we have already mentioned, you should not risk your money in hopes of restoring your files, because the hackers behind the malware simply cannot be trusted. Unfortunately, all you can do at this point is terminate Potato ransomware and try one of the alternative methods of recovering your data.

How to remove Potato ransomware?

There is no question that you should not delay Potato ransomware removal. Only after you delete Potato ransomware can you move on to fixing your files yourself. The only way to eliminate Potato ransomware from your computer including all of its malign components and other infections that may be present in your system is by implementing a reputable anti-malware application. You can acquire the malware remover on our page. It will perform a full system scan, detect all threats, and erase Potato ransomware along with them. It will also stay useful moving forward as the utility comes with real-time online protection and a variety of other beneficial features. As for your files, you can try one of the following options: you can recover your data by using your backup, the Shadow Explorer, System Restore, or one of the file decryptors you can download online.

Automated Removal Tools

  • reimage

    Reimage Repair is a legitimate utility that can be used to remove virus damage from your computer thus improving its working ability. The application comes in two different versions: the full version, ...

  • SpyHunter-4

    Why You Need to Download Spyhunter 4? Every day malware becomes more and more powerful and sneaky. It evolves at unbelievable speed while hackers come up with new ways to avoid detection by security ...

  • malwarebytes-logo2

    While the creators of MalwareBytes anti-malware have not been in this business for long time, they make up for it with their enthusiastic approach. Statistic from such websites like CNET shows that th ...


Quick Menu

Step 1. Delete Potato Ransomware using Safe Mode with Networking.

Remove Potato Ransomware from Windows 7/Windows Vista/Windows XP
  1. Click on Start and select Shutdown.
  2. Choose Restart and click OK. Windows 7 - restart
  3. Start tapping F8 when your PC starts loading.
  4. Under Advanced Boot Options, choose Safe Mode with Networking. Remove Potato Ransomware - boot options
  5. Open your browser and download the anti-malware utility.
  6. Use the utility to remove Potato Ransomware
Remove Potato Ransomware from Windows 8/Windows 10
  1. On the Windows login screen, press the Power button.
  2. Tap and hold Shift and select Restart. Windows 10 - restart
  3. Go to Troubleshoot → Advanced options → Start Settings.
  4. Choose Enable Safe Mode or Safe Mode with Networking under Startup Settings. Win 10 Boot Options
  5. Click Restart.
  6. Open your web browser and download the malware remover.
  7. Use the software to delete Potato Ransomware

Step 2. Restore Your Files using System Restore

Delete Potato Ransomware from Windows 7/Windows Vista/Windows XP
  1. Click Start and choose Shutdown.
  2. Select Restart and OK Windows 7 - restart
  3. When your PC starts loading, press F8 repeatedly to open Advanced Boot Options
  4. Choose Command Prompt from the list. Windows boot menu - command prompt
  5. Type in cd restore and tap Enter. Uninstall Potato Ransomware - command prompt restore
  6. Type in rstrui.exe and press Enter. Delete Potato Ransomware - command prompt restore execute
  7. Click Next in the new window and select the restore point prior to the infection. Potato Ransomware - restore point
  8. Click Next again and click Yes to begin the system restore. Potato Ransomware removal - restore message
Delete Potato Ransomware from Windows 8/Windows 10
  1. Click the Power button on the Windows login screen.
  2. Press and hold Shift and click Restart. Windows 10 - restart
  3. Choose Troubleshoot and go to Advanced options.
  4. Select Command Prompt and click Restart. Win 10 command prompt
  5. In Command Prompt, input cd restore and tap Enter. Uninstall Potato Ransomware - command prompt restore
  6. Type in rstrui.exe and tap Enter again. Delete Potato Ransomware - command prompt restore execute
  7. Click Next in the new System Restore window. Get rid of Potato Ransomware - restore init
  8. Choose the restore point prior to the infection. Potato Ransomware - restore point
  9. Click Next and then click Yes to restore your system. Potato Ransomware removal - restore message

Site Disclaimer

2-remove-virus.com is not sponsored, owned, affiliated, or linked to malware developers or distributors that are referenced in this article. The article does not promote or endorse any type of malware. We aim at providing useful information that will help computer users to detect and eliminate the unwanted malicious programs from their computers. This can be done manually by following the instructions presented in the article or automatically by implementing the suggested anti-malware tools.

The article is only meant to be used for educational purposes. If you follow the instructions given in the article, you agree to be contracted by the disclaimer. We do not guarantee that the artcile will present you with a solution that removes the malign threats completely. Malware changes constantly, which is why, in some cases, it may be difficult to clean the computer fully by using only the manual removal instructions.

Leave a Reply