How to remove Scarab-Danger Ransomware and restore .fastsupport@xmpp.jp and .fastrecovery@xmpp.jp files

5/5 (2)

Scarab-Danger is a yet another variant of Scarab Ransomware family. The new virus is very dangerous, by detecting most important files on PC and even on a remote cloud, it encrypts them within minutes. Affected files will be renamed beyond recognition according to a pattern - .fastsupport@xmpp.jp (.fastrecovery@xmpp.jp). For example, file "myfamily.jpg" will turn into "sOxqNX+4pXv5bHQvHmay58jYdwM.fastsupport@xmpp.jp".

How to to remove Donut ransomware and restore .donut files

5/5 (5)

Donut is a new cryptovirus that encodes users’ personal files. During encryption, .donut extension is added to each infected file. For example, file “mydoc.doc” will turn into “mydoc.doc.donut”. It is noteworthy that, to date, the largest number of victims of Donut Ransomware from France. To encrypt files, it uses AES encryption algorithm when each user is assigned a decryption key which is immediately sent to the remote cloud.

How to remove XiaoBa Ransomware and restore .AdolfHitler files

5/5 (2)

What is XiaoBa Ransomware?

XiaoBa is another version of XiaoBa crypto-virus that encrypts users’ personal files and appends them with .AdolfHitler extension. For example, file “mydoc.doc” will turn into “mydoc.doc.AdolfHitler”. To encrypt files, it uses RSA-4096 asymmetric encryption algorithm when each is assigned a unique ID key which cybercriminals transfer to a remote cloud. In the end, it replaces your desktop wallpaper with “# # DECRYPT MY FILE # #.bmp” that contains pay instruction to restore encrypted files. Moreover, it makes your system play some music in the background. read more

How to remove Scarab-Rebus Ransomware and recover .REBUS files

5/5 (2)

Scarab-Rebus (Rebus) is the newest variant of Scarab Ransomware. It renames all targeted files with Base64 encoding scheme and appends them with .REBUS extension. For example, file “mydoc.doc” will turn into “2wHNr2iP509NNRi4UQYgc.REBUS”. As usual, virus places a ransom note (REBUS RECOVERY INFORMATION.TXT) on the desktop at the end of the process where the victim will find pay method to restore encrypted files.

How to remove Sigrun Ransomware and recover .sigrun files

5/5 (2)

Sigrun is a cryptovirus that demands money for data recovery. Once it crawls into the system, ransomware starts to scan your system in order to find most sensitive files on user’s computer such as documents, photos, and video. Then, all targeted files will be encrypted using AES algorithm and renamed with the addition of the .sigrun extension.

How to remove Rapid 3.0 ransomware and decrypt files

5/5 (2)

What is Rapid 3.0 Ransomware?

Developers of Rapid Ransomware do not sit on their hands, following Rapid 2.0, they’ve released the third version of the virus. As a previous version, Rapid 3.0 blocks access to the users’ personal files using AES-256 encryption algorithm. To get back your files, malefactors demand a ransom which is made in bitcoins through Tor browser. This is done to remain anonymous and escape punishment. Each encrypted file might be renamed in accordance with .[5-random-chars] pattern or get “.Rapid” suffix, for example, file “mydoc.doc” will turn into “mydoc.doc.Rapid”. The ransom note that Rapid 3.0 creates upon completion of encryption didn’t change the name – DECRYPT.[5-random-characters].txt: read more

How to remove CryptON Ransomware and recover ._crypt files

5/5 (2)

What is CryptON Ransomware?

CryptON is an infamous virus that extorts money from users in exchange for their personal data. The point is, immediately after penetration, it starts to encrypt all sensitive files on victim’s computer using AES-256 complicated algorythm. In the process of encryption, all files get ._crypt extension, for example, file “mydoc.doc” will turn into “mydoc.doc._crypt files”. We also want to note that in some cases the extension might be different. At the time of writing the article, there are known following cases:
.id-_locked.id-_locked_by_krec.id-_locked_by_perfect.id-_x3m.id-_r9oj.id-_garryweber@protonmail.ch.id-_steaveiwalker@india.com_.id-_julia.crown@india.com_.id-_tom.cruz@india.com_.id-_CarlosBoltehero@india.com_.id-_maria.lopez1@india.com_ read more