FenixLocker Virus Decrypt .Centrumfr@india.com!! Files - How to, Technology and PC Security Forum | SensorsTechForum.com

FenixLocker Virus Decrypt .Centrumfr@india.com!! Files

decrypt-ransomware-stforumA dangerous ransomware virus was encountered by malware researchers last week, dubbed FenixLocker and using the .centrumfr@india.com!! file extension which it adds to files encrypted with AES encryption algorithm. Not only this, but the virus is also reported to leave behind ransom notes, named Cryptolocker.txt and Help to decrypt.txt. These notes ask users to contact the cyber-criminals behind this virus after which they ask the infected users to pay the sum of 500$ along with detailed instructions. Thankfully, malware researchers at EmsiSoft have released a free decrypter for FenixLocker, and we have created instructions on how to use it and successfully restore your encrypted files.

FenixLocker – More Information

FenixLocker is an interesting piece of malware. Unlike most @india.com ransomware variants, this particular ransomware uses the words “FenixIloveyou!!” in it’s source code, suggesting it is a unique variant.

Besides this, FenixLocker may also use an AES-128 encryption algorithm to render the files unusable. After encryption it adds the following ransom note:

“All of your files are encrypted, to decrypt them write me to email : centrumfr@india.com
Your key:”

After contacting the e-mail, the victims receive the following ransom instructions:

ransomware-fenixlocker-500-dollar-instructions-sensorstechoforum

A researcher from EmsiSoft, Fabian Wosar has released a decrypter for this virus, and we have provided relevant instructions to help you decrypt your files for free instead of having to pay 500$ or more. Simply follow the instructions below to first remove FenixLocker and then decrypt your files.

FenixLocker – Removal

Before begging to decrypt your files, it is important to first remove FenixLocker from your computer. To do this effectively, we advise following the below-mentioned removal instructions:

Manually delete FenixLocker from your computer

Note! Substantial notification about the FenixLocker threat: Manual removal of FenixLocker requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.

1. Boot Your PC In Safe Mode to isolate and remove FenixLocker files and objects
2.Find malicious files created by FenixLocker on your PC

Automatically remove FenixLocker by downloading an advanced anti-malware program

1. Remove FenixLocker with SpyHunter Anti-Malware Tool and back up your data

FenixLocker – Decryption

To decrypt files encrypted by FenixLocker, we urge you to follow the below-described steps.

Step 1: Download FenixLocker Free Decryptor from this web page and save it on your computer.

Step 2: Copy the following files into a new folder:

  • decrypt_fenixlocker.exe
  • One encrypted picture.
  • The original variant of the encrypted picture.

In case you do not have any original variants of encrypted pictures, please, make sure to use the default Windows pictures which may also be encrypted so you should look for them from another non-infected Windows machine. They are usually located in:

For newer Windows (8, 8.1, 10):
C:\Windows\Web\Wallpaper
For Windows 7 and earlier:
C:\Users\Public\Pictures
C:\Users\{Username}\Pictures

Step 2: Drag an encrypted file on the Fenix decrypter, just like the GIF below demonstrates:

fenixlocker-decrypt-gif-sensorstechforum-ransowmare-com

Step 3: After the files are dropped, you should see a pop-up similar to the following:

2-decryption-key-found-fenixcrypter-sensorstechforum

Press OK to continue.

Step 4: After this, the primary interface of the decryptor will show:

philadelphia-stampado-ransomware-decrypt-sensorstechforum

From there choose the folders you wish to decrypt and click on the Decrypt button.

After decryption, the files should be saved in the same location where they were initially encrypted. You also have the option to choose whether to keep or discard the encrypted version of the files.

FenixLocker – What to Do After Decryption

Luckily after this virus has attacked your computer, there is a way to rescue your files. Most of the ransomware viruses that are quite often spread do not have decryption solutions. This is why we advise you to install an advanced anti-malware software to protect your computer in the future and more importantly back up your data using a relevant cloud backup tool that can do it automatically every day, without bothering you. We have suggested one of the most widely used cloud backup tools in case you want to protect your files from ransomware viruses such as FenixLocker in the future:

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.