Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Rijndael Ransomware

Malware analysts at pcthreat.com have recently spotted a new ransomware-type infection. It is called Rijndael Ransomware. It, of course, slightly differs from older ransomware infections the way it looks, and it leaves a different message for users if compared to ransomware released previously, but its main goal is still the same – it seeks to obtain money from users. Creators of ransomware are well aware of the fact that users are not going to let go of their money easily, so they give them the actual reason to pay money. This is, ransomware infections encrypt users’ files and then claim that these files can only be unlocked with the help of a decryption key/tool stored on a secret cyber criminals’ server. In the case of Rijndael Ransomware, it should lock both Desktop and users’ personal files. If this infection has only opened a new window with a message on your Desktop but has not encrypted any files, it is very likely that you have encountered a corrupted version of this threat. Without a doubt, it needs to be deleted too, but, of course, there is no point in sending money to crooks in this case.

According to specialists, Rijndael Ransomware is a new version of a ransomware infection Dnransomware Steps. As a consequence, it does not surprise us at all that it also goes to encrypt users’ personal files right after infiltrating the computer. Once files are encrypted, a new extension .fucked is appended to files, and users should see a window in dark colors opened on Desktop. It can be said that it is a ransom note of Rijndael Ransomware because it contains all the information users need to know. It explains to users why they cannot open their files: “all files is encrypted with extremely powerfull new RIJNDAEL encryption.” Second, people are told that they could only access these files if they pay 0.5 BTC (~ $570) for the unlock code. Users should receive further instructions after writing an email to Riptours01@gmail.com. There is a box for the purchased code below the opened window. Actually, it seems that you do not need to have this code to get your file back. It is because specialists know the code that can unlock Desktop: 83KYG9NW-3K39V-2T3HJ-93F3Q-GT. We cannot promise that this code will unlock files for you too, but you should give it a shot. If only your screen has been unlocked, but files still have the .fucked filename extension, you will, most probably, need to use a free decryption tool. A free decryptor exists, and you should easily find it on the web. If it does not work for any reason, you should know that you can also recover your files from a backup. Go to delete Rijndael Ransomware first.

Rijndael Ransomware pretends to be an ordinary program, more specifically, a Bitcoin miner. It should be located on a dubious third-party page. Evidently, it tries to camouflage itself so that it would not be recognized and deleted too early. Actually, cyber criminals usually employ other methods to distribute ransomware too. According to our researchers, there is basically no doubt that Rijndael Ransomware is also distributed through spam emails. It travels in them as an attachment. Users know that spam emails might be dangerous, but they still open their attachments out of curiosity. Actually, we cannot blame them because these attachments often pretend to be important documents, e.g. bills. We have to admit that it is not a piece of cake to protect the system from ransomware, so we highly recommend installing a security application.

We hope that we have convinced you to erase Rijndael Ransomware from your PC. If yes, you should start its removal process by entering the code 83KYG9NW-3K39V-2T3HJ-93F3Q-GT in the unlock box on the opened window. You should do this only if you find your Desktop locked. Once you unlock it, you will need to kill a malicious process and delete a malicious file associated with it. It will not be easy, so we highly recommend following our step-by-step instructions or performing a system scan with an automatic SpyHunter scanner. Keep in mind that your files will not be unlocked even if you uninstall this infection, which means that you will have to use a free file decryptor once this infection is gone.

Delete Rijndael Ransomware manually

  1. Enter the code 83KYG9NW-3K39V-2T3HJ-93F3Q-GT in the box below “insert your code here” and click Decrypt!.
  2. Open the Task Manager (Ctrl+Shift+Esc).
  3. Open Processes and look for Rijndael.exe or BitcoinMiner.exe processes (keep in mind that this malicious process might have a different name, but it will still have EncryptRansombyhumanpuff69 in the Description field in the Task Manager).
  4. Kill the malicious process. Before you kill it, right-click on it, and select Open File Location.
  5. Delete the malicious file associated with the active process from the opened location.
  6. Empty the Recycle bin.
Download Spyware Removal Tool to Remove* Rijndael Ransomware
  • Quick & tested solution for Rijndael Ransomware removal.
  • 100% Free Scan for Windows
disclaimer
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.