How to remove Java Ransomware and decrypt .java files

January 16, 2018 Aleksei Abalmasov 3

.java Ransomware is crypto-virus, that belongs to Crysis/Dharma family and appends different variation of .java extensions to affected files. This ransomware uses AES asymmetric cryptography algorithm. Virus target important data such as photos, documents, videos, music, database files, e-mail files.

How to remove File Spider Ransomware and decrypt .spider files

December 14, 2017 Aleksei Abalmasov 0

File Spider Ransomware is crypto-virus, that uses the AES-128 and RSA-2048 encryption algorithm to encrypt user files. After this, ransomware appends .spider extension to affected files and creates HOW TO DECRYPT FILES.url, that opens the browser window with the ransom-demanding message. File Spider Ransomware targets most important user data. These are MS Office documents, OpenOffice, PDF, text files, databases, photos, music, videos, image files, archives, web page files and other web files, educational, application and specialized files, and other files.

How to remove Scarab Ransomware and decrypt .scarab and .scorpio files

November 30, 2017 Aleksei Abalmasov 0

Scarab Ransomware is encryption virus, that encodes your files using AES cryptography and appends .scarab extension. Following successful infection and encryption Scarab Ransomware creates IF_YOU_WANT_TO_GET_ALL_YOUR_FILES_BACK_PLEASE_READ_THIS.TXT file. And puts it on the desktop. It demand ransom between $500 and $1000 in BitCoins. Latest versions remove shadow copies of files, restore points and system state backups, not allowing users to restore files using any of this methods. At the moment files hit by Scarab Ransomware are non-decryptable. We will update this article, as soon as decryption tool appears.

How to remove Nemesis Ransomware and decrypt .nemesis, .63vc4, .t5019 files

November 20, 2017 Aleksei Abalmasov 1

Nemesis Ransomware is a successor of CryptON Ransomware and is very likely developed and distributed by the same team of hackers. Files are encrypted using mix of RSA, AES-256 and SHA-256 or SHA-512 encryption algorithm. Other version of Nemesis Ransomware are known under the names Cry9, Cry128, Cry36, X3M. Newer version add randomly generated extensions. After encryption ransomware creates file ### DECRYPT MY FILES ###.html with instructions to pay the ransom.

How to remove CryptON Ransomware and decrypt _crypt files

November 20, 2017 Aleksei Abalmasov 0

CryptON Ransomware is crypto-virus, that gave birth to large family of ransomware encryption viruses like Nemesis, X3M, Cry9, Cry128, Cry36. This particular ransomware appends _crypt extension to filenames and saves original extension. So after encryption user file sample.txt will become sample_crypt.txt. After successful encryption CryptOn Ransomware creates readme_encrypted.txt file. There are several decryption tools released from companies like Emsisoft, Avast, Eset and we will give you instructions to use them below. Learn how to remove CryptON ransomware and decrypt _crypt files using guide on this page.