Providing Free and Editor Tested Software Downloads

MajorGeeks.com - Have you hugged a Geek today?

All In One Tweaks

Antivirus & Malware

Drives (SSD, HDD, USB)

Graphics & Photos

MajorGeeks Windows Tweaks

Office & Productivity

· How To and Tutorials
· Life Hacks and Reviews
· Way Off Base
· MajorGeeks Deals
· News
· Off Base
· Reviews

Opera One

Everything
you need.

Already
there.

AI assistant

Aria, built right in

Free VPN

No account needed

Ad blocker

Faster, cleaner web

Tab Islands

Grouped browsing

Useful sidebars

Make it yours

No Clunky Extensions Needed.

MajorGeeks Approved.

· YouTube
· Facebook
· Instagram
· Twitter
· Pintrest
· RSS/XML Feeds

· News Blur
· Yahoo
· Symbaloo

· Top Freeware Picks
· Malware Removal
· Geektionary
· Useful Links
· About Us

· Copyright
· Privacy
· Terms of Service
· How to Uninstall

1. GS Auto Clicker

2. Smart Defrag

3. Macrium Reflect FREE Edition

4. K-Lite Mega Codec Pack

6. Microsoft Visual C++ 2015-2022 Redistributable Package

7. Sergei Strelec's WinPE

8. Visual C++ Redistributable Runtimes AIO Repack

9. K-Lite Codec Pack Full

10. McAfee Removal Tool (MCPR)

How Much Storage Space Are Your Installed Apps Using in Windows 11?

How To Reset and Fix the Settings App in Windows 11

How To Remove the Windows 11 Updated Start Menu

How To Download a Windows 11 ISO

How To Disable Drag Tray

How To Boot Into WinRE (Windows Recovery Environment)

How To Find the Installation Date of Apps

Recently Opened Files - How To Hide or Show Them In Jump Lists, File Explorer, and Start Menu

How To Change the Name of a Local or Microsoft Account

How To Remove OneDrive From the Navigation Pane in File Explorer

Jigsaw Ransomware Rebranded as CryptoHitman;Decryptor Available

Posted by: Timothy Weaver on 05/18/2016 04:59 AM [ Comments ]

The Jigsaw ransomware has taken on a new name and a new twist to its encryption extension.

It is now called "CryptoHitman" and appends the extension ".porno" to the encrypted files. It displays an image of Agent 47 along with porno pictures.

It gives instructions to purchase bitcoins and send the money to "cryptohitman@yandex.com."

Lawrence Abrams of Bleeping Computer explains how it is just Jigsaw rebranded:

"The only major differences is the new pornographic locker screen, the use of the Hitman character, the new .porno extension that is added to all encrypted files, and new filenames for the ransomware executables. Otherwise, this ransomware performs the same as the original Jigsaw Ransomware."

It still acts like Jigsaw as it encrypts hundreds of user files and demands a $150 ransom. But there are ways to thwart the ransomware. Michael Gillespie, a security researcher and member of MalwareHunterTeam has updated the decryptor.

First you need to use TaskManager to disable these files - "%LocalAppData%\Suerdf\suerdf.exe" and "%AppData%\Mogfh\mogfh.exe". Then start MSConfig and disable the startup programs related to those files.

You can download Gillespies decryptor here.

Once you have your files back, go the extra mile and scan your system with your AV software.

Source: GrahamCluley

Comments

comments powered by Disqus

© 2000-2026 MajorGeeks.com

Powered by Contentteller® Business Edition