How to remove RSAUtil Ransomware and decrypt .VENDETTA, .URSA, alexjer554@gmx.com or other encrypted files

May 29, 2018 Olga Karpuk 0

RSAUtil Ransomware is cryptovirus, which infiltrates user’s PC and encrypts all files on it. Based on Delphi, RSAUtil spreads both on users PC or Servers, and the main purpose of this type of viruses – is extortion of money (750$ or more) from victims for potentially decryption of encrypted files. Usually, cybercriminals try to stay anonymous, they use bitcoins for transactions and remote servers for virus attacks. All encrypted files, for example, databases, documents, tables, photos, videos and other media files, gain a new suffix after encryption.

How to remove LockCrypt ransomware and decrypt .lock, .1btc or .mich files

May 29, 2018 Tim Kas 0

LockCrypt Ransomware is encryption virus, that affects user files such as photos, documents, music, videos etc. It modifies filenames using certain pattern: it changes name of the file to random numbers and letters and alters extension to .lock, .1btc or .mich. Experts now research this virus, and we don’t know if it uses symmetric or asymmetric cryptography, but currently, there is no automatic way to decrypt files encrypted by LockCrypt. But some users reported that they partially restored files, using shadow copies recovery. (Read our article about this method)

How to remove Scarab-Walker ransomware and decrypt .JohnnieWalker files

May 18, 2018 Olga Karpuk 0

Scarab-Walker is the latest version of ransomware viruses, marked as Scarab Ransomware. We already subscribed old versions: Horsia, Scarab-XTBL, Scarab-crypto, Scarab, Amnesia. Scarab-Walker shows all features of other versions: it encrypts all files on user’s PC, adding .JohnnieWalker suffix to every coded file, and start to demand a ransom in BTC. All documents (.doc, .docx, .pdf, .txt, .xls and others), databases, mediafiles are at risk.