How to remove Matrix Ransomware and decrypt .matrix, .[] or .MTXLOCK files

May 10, 2018 Aleksei Abalmasov 0

Matrix is another ransomware-type malware, that can encrypt user documents, photos, music, video, archives and other types of personal files. Virus adds “.matrix” extension to all encrypted files. It also creates matrix-readme.rtf or Readme-Matrix.rtf files with message in Russian and English with instructions to pay the ransom. Developers of Matrix ransomware offers to contact them using following e-mail addresses:, or and demand ransom of about $500 – $1500.

How to remove Horsia Ransomware and decrypt .oblivion, or files

May 8, 2018 Tim Kas 0

Horsia is another version of a “Scarab Family” group, which consist of similar ransomware viruses. For victims, an infiltration by these viruses may lead to loss of all data files on PC, because like another ransomware threats, both Horsia or Oblivion code all files with .doc, .xls, .pdf, .mp3, .wav, .mdb and many others files with another extension. After penetration, all coded files become unreadable and unavailable for editing. Besides, scammers, create files with ransom demands where they promise to decrypt files, after payloads in BTC. We argue to not pay them because all cybercriminals can lie easily.

How to remove Jigsaw ransomware and decrypt .LolSec, .onion, .jes, .fun, or others encrypted files

May 7, 2018 Tim Kas 0

Jigsaw, also known as Koolova, HiddenTear, Nice Jigsaw or CryptoHitman is a ransomware-type virus, which “distributed” since early 2016. It is known about it was listed more than 60 versions of Jigsaw Ransomware. Written within the .NET Framework technology, this virus encrypts user data using AES-256 (sometimes RSA-2048) for the key and then demands a ransom for decrypted keys or for the decryption tool.

How to remove Vortex Ransomware and decrypt .aes or .ZABLOKOWANE files

May 7, 2018 Aleksei Abalmasov 0

Vortex Ransomware is a cryptographic virus, that mostly attacks users in Poland, but may also be distributed in other counties. Vortex Ransomware code is based on AESxWin – a free program for encryption and decryption. It uses AES-256 cryptography and adds .aes and .ZABLOKOWANE extensions to encrypted files. After encoding, Vortex creates a text files (ODZSZYFRUJ-DANE.txt (or “#$# JAK-ODZYSKAC-PLIIKI.txt”)), and places it on the desktop. Various versions of this virus demand from $100 to $200 in BitCoins. One of the alternative versions of Vortex Ransomware is called Flotera and it also appends .aes suffix.