EGENH Ransomware Removal and Restore Files

0
6
RaRansomware or EGENH ransomware virus removal

EGENH is a ransomware that was first discovered by the security researcher, Karsten Hahn. It exists to encrypt your data and demand money for undoing the damage done to it, and that’s exactly what it starts doing as soon as it infiltrates your system. A combination of AES-128 and RSA-1028 is used for this and the files affected by that threat become unusable. The pattern of “[16_random_characters].EGENH” gets appended to them, so if you see this, you can be certain about your computer being compromised by that particular virus. An .html document in then created and placed into each of your folders. It’s called “RaRansomware – Recovery instructions.html” and the following message can be seen inside of it –

All your files are belong to us!

All your personal files, including, but not limited to:

Photos, videos, databases and office projects have been encrypted using a mix of two very strong cryptographic algorithms – AES-128 and RSA-1028. Original files have been overwritten, recovery tools and software will not help you.

The only way to recover your files, are to meet our demands.

Be warned, we won’t be able to recover your files if you start fiddling with them.

You have 120 hours (5 days) from this moment to send us payment, or you files will be lost in eternity.

To start the recovery process you need to download and install the Tor browser, which is easily done from their own home-page.

Once you have the Tor browser running you need to navigate to hxxp://recovery6m3lvkxg.onion and then input your personal id displayed below.

Further payment instructions will be given once logged in.

If you visit the website provided in this document, you get presented with this text –

All your files are belong to us!

All your personal files, including, but not limited to:

Photos, videos, databases, office projects have been encrypted using a mix of two very strong cryptographic algorithms: AES-128 and RSA-1028. Original files have been overwritten, recovery tools and software will not help you.

The only way to recover your files, are to meet our demands.

Be warned, we won’t be able to recover your files if you start fiddling with them.

You have 120 hours (5 days), from this moment, to send us payment, or you files will be lost in eternity.

There’s currently no decryption tool available for EGENH, but it still doesn’t mean you have to sponsor people responsible for it with your money. Instead of doing that, install a program like SpyHunter and use it to eliminate the threat, referring to instructions posted below the article in case you need any help. Following the successful deletion, recover your data from backup and prevent situations like this from happening again in the future.

For that, limit your visits to suspicious sources and don’t install updates for your software if the prompt for this gives you any doubts. Don’t click on links or advertisements that give you the same impression and don’t open the attachments that come with spam emails. Plus, keep SpyHunter updated and running all the time, and it should be enough to keep your PC protected from getting compromised. As you can see, achieving that goal isn’t something that can be considered impossible.

LEAVE A REPLY

Please enter your comment!
Please enter your name here