How to remove Osiris ransomware and decrypt .osiris files

December 6, 2016 Aleksei Abalmasov 5

Osiris is new crypto-virus, that belongs to Locky ransomware type. After finishing the process of encrypting files, malware adds .osiris extension and alters filenames. Your files get such names: [8_random_characters]-[4_random_characters]-[4_random_characters]-[8_random_characters]-[12_random_characters].osiris. Virus blackmails user to pay ransom of 2.5 BitCoins (~$1880) for file decryption. Osiris ransomware creates 3 files on users computers: OSIRIS.html, OSIRIS_[4_random_characters].html and OSIRIS.bmp and copies them to the folder with encrypted files. Those files contain instructions for users to pay the ransom on Bitcoin wallet.

How to remove Purge ransomware and decrypt .purge files

November 29, 2016 Aleksei Abalmasov 0

Purge Ransomware refer to the ransomware virus that encrypts your files. Once launched, it begins the process of encrypting your files stored on the system drives and attached network drives. The each infected file is added the extension .purge. This tricky malware uses strong encryption algorithm – RSA, that can be decrypted using a unique key. Unfortunately, restoring files are almost impossible without this key which crooks store on the remote servers

How to remove Globe ransomware and decrypt .globe files

November 29, 2016 Aleksei Abalmasov 0

Globe is a ransomware that is very similar to Mahasaraswati, JohnyCryptor, Ecovector and JohnyCryptor. Once Globe ransomware has infected your computer, it encrypts various data. After finishing encrypting process, this ransomware adds .globe (.purge) extensions to the name of all the encrypted files. It will create a HTA note named How to restore files.hta in each folder with the encrypted data. Also this ransomware creates an autorun named How to restore files that automatically opens ransom note each time you login to Windows and changes wallpaper on your desktop to “Purge: Election Year” film’s theme.

How to remove .zzzzz ransomware and decrypt .zzzzz files

November 24, 2016 Aleksei Abalmasov 0

.zzzzz is actually redesigned Locky crypto-virus. We remind that Locky (and its new version) uses asymmetric encryption algorithm to encrypt user files, images, videos, documents, game files. Now virus can detect and encode more than 450 types of files. After encryption virus appends .zzzzz extension and modifies filenames sol they get long alphanumeric 24 digit names. This ransomware still extorts ransom of 3 BitCoins (~$2200) from user to decrypt files. Zzzzz ansomware creates 3 files on users PC: INSTRUCTION.bmp, -INSTRUCTION.html and _6-INSTRUCTION.html. All this files are used to inform users, that their system is hacked and files are encrypted.

How to remove Aesir ransomware and decrypt .aesir files

November 23, 2016 Aleksei Abalmasov 0

Aesir is another ransomware-type virus from Locky family. It still uses RSA-2048 and AES-128 algorithms to encrypt user files. Now virus targets more than 450 types of files. After encrypting
malware adds .aesir suffix and modifies filenames. Aesir ransomware demands user to pay ransom of 3 BitCoins (~$2200) to decrypt files, but never send the keys. Ransomware creates 3 files on users computers: INSTRUCTION.bmp, -INSTRUCTION.html and _1-INSTRUCTION.html. This files contain instructions for users to pay the ransom and get decryptor. Image is used to set as background and also contains ransom-note with payment details.

1 2 3 4 11