How to remove Cryptolocker ransomware and decrypt .enc files

Cryptolocker is initial version of ransomware-type virus. Although, this malware is no longer active, there are bunch of viruses based on it. And it’s no wonder why it motivated criminals to create similar projects. According to developers, their product got more than three million dollars from users who paid ransom. Today, we’ll consider one copycat form of it- Crypt0L0cker (TorrentLocker). Some newer variants even use initial name pretending to be original Cryptolocker ransomware. Following infiltration, it prevents access to your data using RSA-2048 encryption algorithm. All encrypted files are appended with .encrypted or .enc extensions.

How to remove Crypto1CoinBlocker ransomware and restore files

Crypto1CoinBlocker is a ransomware that is very similar to Xorist, Erebus, HakunaMatata etc. First Crypto1CoinBlocker ransomware breaks into your system, then it encrypts most of personal files. After finishing encrypting process with RSA-2048 cryptography algorithm, this ransomware adds .1AcTiv7HDn82LmJHaUfqx9KGG55P9jCMyy file extension to the name of all the encrypted data.

How to remove Satan Ransomware and decrypt .stn files

Satan is a ransomware virus, having its own web service (Raas). Once infiltrated, it denies access to files using RSA-2048 and AES-256 encryption protocol. Each encrypted file is appended with .stn extension. Satan ransomware further places HELP_DECRYPT_FILES.html file on the desktop. The message reads, that victims must pay the ransom to decrypt data, otherwise they will be unavailable forever. At present, there is no tool capable of decrypting files affected with using RSA-2048.

How to remove Fanli90.cn

What is Fanli90.cn? If the first thing you see when you open web browser is the web page with this address – Fanli90.cn – that means you’ve got infected with the virus, that’s why you need to remove Fanli90.cn redirect in order to prevent any further consequences. Fanli90.cn is a browser hijacker that is usually distributed through free software that average user may download on suspicious websites. This application will change your homepage to http://Fanli90.cn as well as spoil your browsing Read more […]

How to remove CTB-locker and decrypt .ctb and .ctb2 files

If you’re seeing the original extension of your files was changed to .ctb and .ctb2, that means the system is being infected with CTB-locker. CTB-locker is a ransomware which decrypts data on the victim’s computer. It uses RSA-2048 encryption, making it virtually impossible to restore files without special key. It is mentioned in note contained in three files: AllFilesAreLocked.bmp, DecryptAllFiles.txt and randomly named HTML file.