How to remove Blind Ransomware and decrypt .blind and .kill files

November 16, 2017 Aleksei Abalmasov 0

Blind Ransomware is cryptoviral extortion, that uses RSA and AES algorithms to encrypt user data. This particular ransomware appends .blind and .kill suffixes to compromised files. It also adds developers e-mail to the filenames: or Usually, malware attacks files, that represent value for the user – documents, presentations, photos, video, music. After finishing encoding files, Blind Ransomware creates following file: How_Decrypt_Files.hta.

How to remove Paradise Ransomware and decrypt .paradise files

November 16, 2017 Aleksei Abalmasov 0

Paradise Ransomware is crypto-virus distributed as RaaS (Ransomware-as-Service). That means it is simplified ransomware development kit, that allows potential hackers and malware distributors to substitute their e-mails and BitCoin wallets and receive ransom payments from infected users. Virus appends .paradise file extension and modifies filename with affiliate identification number and e-mail, so the final pattern looks like this: id-affiliate-id-[affiliate-e-mail].paradise. Malware uses RSA-1024 cryptography. Ransomware creates 3 text files: Files.txt, Failed.txt, and #DECRYPT MY FILES#.txt. First two are the lists of successfully encrypted files and files, that failed to be encrypted.

How to remove CryptoMix Ransomware and decrypt .xzzx files

November 16, 2017 Aleksei Abalmasov 0

CryptoMix Ransomware is famous family of ransom-demanding encryption viruses. Recently it came up with updated version that modifies your files with random set of 32 letters and digits and .xzzx file extension. So it makes your files look like this: 1V3DJHJ6M78BL3535RTY987XZFDGP876.XZZX. This new version uses complex double encryption with RSA-1024 ans AES algorithms. After encryption finishes CryptoMix Ransomware creates _HELP_INSTRUCTION.TXT file that contains contact e-mails and ransom-demanding message. Malefactors use following e-mails:,,, and

How to remove Unlock92 Ransomware and decrypt .block, .blocked, .CRRRT, .CCCRRRPPP files

November 13, 2017 Aleksei Abalmasov 0

Unlock92 Ransomware is dangerous crypto-virus that uses RSA-2048 asymmetric algorithm to encrypt user personal files. Considering the fact, that it uses Russian language in description it mostly targets Eastern European users. However, virus is distributed via public networks and international spam bots and any user can become a victim. Unlock92 Ransomware underwent several major updates and changes.