How to remove CTB-Locker and decrypt .ctb (.ctb2) files

April 28, 2016 Aleksei Abalmasov 1

CTB-Locker (Curve-Tor-Bitcoin Locker) belongs to the family of ransomware viruses. It is also known as Critroni ransomware. This is also crypto-virus and it uses RSA 2048 encryption to encrypt sensitive files and folders. Usually CTB-Locker encrypts user documents, photos, music and other types of personal information. After this it asks for a ransom in bitcoins (0.3 or $120). CTB-Locker modifies file names and extensions of encrypted files. All affected files get .ctb or .ctb2 extension.

How to remove CryptoWall and decrypt .aaa files

April 1, 2016 Aleksei Abalmasov 0

In this article we will guide you through the removal and decryption process. First, let’s try to understand what is CryptoWall. CryptoWall is a malware program, created by cyber criminals, that encrypts files on user’s computer and offers a decryption in exchange of payment. It is well known that CryptoWall can infect any operating system version and revision (Windows XP, Windows Vista, Windows 7, and Windows 8).

How to remove TeslaCrypt and decrypt .ecc files

March 28, 2016 Aleksei Abalmasov 0

TeslaCrypt is virus that belongs to ransomware category of crypto-viruses. TeslaCrypt encrypts important documents, images, presentations using AES encryption. Then it demands a payment (ransom) for decryption key that will allow user to restore the files. One of the “features” of TeslaCrypt is that it also encrypts game files of 40+ popular games like Dota, Minecraft, World of Warcraft etc.

How to remove Locky virus and decrypt .locky files

March 24, 2016 Aleksei Abalmasov 0

Locky virus is ransomware threat that encrypts documents, music, video and other information on victims computer using AES encryption. This virus can also encrypt folders on unmapped network shares. It modifies affected files extensions to .locky. After this it demands ransom in bitcoins (0.5 – 2 BTC or approximately $200 – $800) for decryption services. There is no known guaranteed way to decrypt files infected by Locky virus and that is why this blackmail virus is considered very harmful.

How to uninstall (remove) UmbreCrypt

February 15, 2016 Aleksei Abalmasov 0

UmbreCrypt is a name for recently developed ransomware that targets for media files. After the ransomware finds certain types of files it encrypts them and adds umbrecrypt_ID_youruniqueID extension. After that the threat generates a pop-up window with a message that states the information about the encryption. In the note there are also instructions about the means to retrieve the files.