Fighting the Londec virus

The first thing we advise our readers to do if they face an encryption virus like Londec is to remove the malware. Otherwise, you may not be able to create new files in your machine without them getting locked by the malware. Also, if you connect some external device to your computer, the files in it may get locked up as well, making the matters even worse. This is why it is so important to get rid of the threat before trying to recover your data. The guide below will help you with the quick and effective elimination of the Londec Ransomware – just follow the steps, or use the recommended anti-malware tool for automatic removal of the infection.

What about the .Londec file encryption?

The issue with most Ransomware encryption-viruses like Londec, Masok, Prandel is that their encryption won’t go away even if the malware gets removed. To restore your files, you will need to try some of the suggested alternative restoration methods available in the second part of our guide. However, unfortunately, we can’t guarantee the success of those methods. They may or may not work and it all depends on the specific case of Ransomware infection. The good news is that those methods won’t cost you anything an you won’t have to pay a ransom in order to try them. One thing you may have forgotten due to panic and stress is checking your other devices for some safe and accessible copies of your files. If you find any such copies, simply copy them back onto your computer after you remove the virus.

Londec SUMMARY:

[add_third_banner]

Londec Ransomware Removal

1: Preparations

Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.

2: Task Manager

Press Ctrl + Shift + Esc to enter the Task Manager. Go to the Tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on you PC.

If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.

Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.

3: IP related to Londec

Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.

Find where it says Localhost and take a look below that. 

If you see any IP addresses there (below Localhost) send them to us here, in the comments since they might be coming from the Londec.

[add_forth_banner]

4: Disable Startup programs

Re-open the Start Menu and type msconfig.

Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10,  it will send you to the Startup part of the task manager instead, as in the picture:

If you see any sketchy/shady looking entries in the list with an unknown manufacturer or a manufacturer name that looks suspicious as there could be a link between them and Londec , disable those programs and select OK.

5: Registry Editor

Press Windows key + R and in the resulting window type regedit.

Now, press Ctrl + F and type the name of the virus.

Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.

6: Deleting potentially malicious data – Londec

Type each of the following locations in the Windows search box and hit enter to open the locations:

%AppData%

%LocalAppData%

%ProgramData%

%WinDir%

%Temp%

Delete everything you see in Temp linked to Londec Ransomware. About the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.

7: Londec Decryption

The previous steps were all aimed at removing the Londec Ransomware from your PC. However, in order to regain access to your files, you will also need to decrypt them or restore them. For that, we have a separate article with detailed instructions on what you have to do in order to unlock your data. Here is a link to that guide.

The post Remove Londec Virus Ransomware (+.Londec File Recovery) appeared first on Malware Complaints.

The .Brusaf virus

Our “How to remove” team has been contacted with a call for assistance by some of our site visitors, who have had the misfortune of becoming victims of this malicious cryptovirus. And indeed, dealing with Ransomware is usually very hard. Moreover, the consequences of its attack are can be very unpleasant, especially if the encrypted files are of great importance to you. Still, we may be able to offer you some guidelines on how to deal with Brusaf in a fast and reliable manner. In the next lines, there is a manual removal guide created to help all victims of Brusaf to get rid of it. Detecting the Ransomware is really important because, otherwise, you cannot use your computer as a location for storing new data. Nevertheless, eliminating the virus may not automatically reverse the encryption applied to the targeted files. Therefore, for such cases, in the removal guide below, you will find separate instructions in a special file-recovery section, which are published to help the victims potentially get back some of their most valuable files.

.Brusaf file encryption solutions

The most common question we get asked from victims of Ransomware is “What are the options?”. The most obvious one is to pay the ransom, which is exactly what the hackers want you to do. And that will be basically funding their criminal blackmailing scheme. The crooks want the victims to pay them in Bitcoins or some other cryptocurrency, which guarantees their identities will remain anonymous. But if you agree to pay the ransom, then you will be at the mercy of the hackers, which isn’t ideal for you. The reason is, many victims never receive the decryption solution needed for accessing their files, even after they have carefully completed all ransom payment instructions. And many more obtain a decryption key that is utterly ineffective. Therefore, most security experts do not advise the victims of Ransomware to send their money to the hackers with the hope that the latter will help them.

Unfortunately, we must say the other alternatives for coping with the effects of Brusaf, Masok, Prandelon your machine aren’t that many. Plus, they may not always be very effective. But, still, they can at least help you save the money you would otherwise lose by paying the ransom. You can start by removing the computer virus with the help of the guide below. Then, once you have removed the Ransomware, you can head over to the file-recovery section and give a try to the suggestions there. They may work differently on different systems, or might not work at all in certain cases. Still, there is no way of knowing until you actually try.

Brusaf SUMMARY:

[add_third_banner]

Remove Brusaf Ransomware

1: Preparations

Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.

2: Task Manager

Press Ctrl + Shift + Esc to enter the Task Manager. Go to the Tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on you PC.

If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.

Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.

3: IP related to Brusaf

Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.

Find where it says Localhost and take a look below that. 

If you see any IP addresses there (below Localhost) send them to us here, in the comments since they might be coming from the Brusaf.

[add_forth_banner]

4: Disable Startup programs

Re-open the Start Menu and type msconfig.

Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10,  it will send you to the Startup part of the task manager instead, as in the picture:

If you see any sketchy/shady looking entries in the list with an unknown manufacturer or a manufacturer name that looks suspicious as there could be a link between them and Brusaf , disable those programs and select OK.

5: Registry Editor

Press Windows key + R and in the resulting window type regedit.

Now, press Ctrl + F and type the name of the virus.

Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.

6: Deleting potentially malicious data – Brusaf

Type each of the following locations in the Windows search box and hit enter to open the locations:

%AppData%

%LocalAppData%

%ProgramData%

%WinDir%

%Temp%

Delete everything you see in Temp linked to Brusaf Ransomware. About the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.

7: Brusaf Decryption

The previous steps were all aimed at removing the Brusaf Ransomware from your PC. However, in order to regain access to your files, you will also need to decrypt them or restore them. For that, we have a separate article with detailed instructions on what you have to do in order to unlock your data. Here is a link to that guide.

The post Remove Brusaf Virus Ransomware (+.Brusaf File Recovery) appeared first on Malware Complaints.