Jokers House ransomware: Inspired by Jigsaw Ransomware
Jokers House ransomware is reported as a new member of a nasty file-encryption virus family – Jigsaw. Although, the ways in which the malware operates are still under investigation, because it has just emerged on the web. Nevertheless, one of the most common working principle of such destructive viruses is to encrypt the files stored on victim’s machine and demands ransom money from them to provide a decryption key that helps the users to decode their files. The main objective of the criminal hackers behind creating this ransomware is to make use of unsuspecting infected users and earn money some easy money from them. Same as its predecessor, Jokers House ransomware encrypts the system files by using a complex encipher algorithm which makes the affected files unusable and then appends a weird file extension reported as “[email protected]_ extensions” to each of infected components.
As you may already guess by noticing its appended extension, the affected computer users are instructed to contact the con artists through an email address “[email protected]” shown in the appended file extension, if they really want to get access to the file decryption key. However, the cyber extortionists does not provide the decryption tool for free. Hackers demand $100 as a ransom fee in the form of Bitcoin. Based on the ransom note displayed by Jokers House ransomware, every hour a file will be deleted if the ransom fee is not paid in an hour after the malware attacks. It also claims that closing the opened window and shutting down the computer will result in the deletion of 1000 files. However, the security investigators at RMG don’t know whether these claims are true or not, but they strongly recommend not to have any kind of business with them. However, you should remove this file-encrypting program from your PC as quickly as possible and try some alternative methods to recover your system files.
How To Protect Your Data From Jokers House ransomware Attack?
According to the research report, the ransomware is still in the initial phase of its distribution, so it is very important for the system users to know how to protect their crucial data from potential attack of Jokers House ransomware. Although, you may use anti-virus program to protect your PC from the infiltration of noxious viruses, but the main issue is that you may accidentally install the malicious program obfuscated by the racketeers onto your machine. Besides, opening a suspicious attachment derived in spam email may also cause the invasion of such noxious threats. However, after the successful removal of file-encrypting virus, you may try to recover your files and data encoded by the threat. In such circumstances, you can use backup copies of your computer files in order to retrieve them after the complete removal of Jokers House ransomware.
Steps to Uninstall Jokers House ransomware from PC
Procedure 1: Reboot Your PC in Safe Mode
How To Start Computer in Safe Mode with Networking (Win XP/Vista/7)
- Please restart your system. Just before the Windows start, continuously press F8 on your keyboard. Now, you will be presented with Advanced Options Menu.
- Select Safe Mode with Networking from the selection options. Please use the keyboard’s arrow up or down to navigate between selections and then hit Enter to proceed.
Method To Start Win 8 in Safe Mode with Networking
- Restart your PC and as soon as it begins to start, kindly please press Shift+F8 keys.
- Instead of seeing the Advance Boot Options, Win 8 will display the Recovery Mode. So, continue with the given instructions until you reach the Safe Mode function.
- Tap on ‘See advanced repair options’.
- Then after, click on Troubleshoot.
- Next, select Advanced options.
- On the next window, choose Windows Startup Settings.
- At last, click on the Restart button. Now, Windows 8 will restart and boot into the Advanced Boot Option wherein you can run the computer in Safe Mode with Networking.
ShadowExplorer can be really helpful in restoring your file encrypted by Jokers House ransomware
When Jokers House ransomware attacks it generally tries to delete all shadows copies which is stored in your computer. But there are chances that Jokers House ransomware is not able to delete the shadow copies everytime. So you need to restore the original files using shadow copies.
Follow these simple steps to restore original files through shadowexplorer
- you need to download shadowexplorer link from http://www.shadowexplorer.com/downloads.html
- Install it on your system
- Now you need to open shadowexplorer and select c: drive on left panel
- Now choose at least one month ago date from date field.
- Now you need to go to the folder which have encrypted filed.
- Now right click the encrypted files
- You need to export the original files and choose a destination to store them.
System restore can be another method to restore your encrypted files
1. Open start >> All Programs >> Accessories >> System tools >> System Restore
2. Click next to go to restore window
3. See what restore points are available for you , choose a restore point at least 20 to 30 days back.
4. Once selecting click next
5. Choose disk c: (it must be selected by default)
6. Now click next and system restore will start working and will be able to finish in few minutes.
Another method for recovering your decrypted files are file recovery software
If above methods are not successful you can go for file recovery software. It can be helpful in recovering your encrypted files as Jokers House ransomware first makes a copy of original files and then encrypt it. After encryption it deletes the original files. So there is high probability that these file recovery software can help you in recovering your original files. You can find links to some best file recovery software below.
1. Recuva : you can download from http://www.piriform.com/recuva/download
2. Testdisk: you can download from http://www.cgsecurity.org/wiki/TestDisk_Download
3. Undelete360: you can get it from http://www.undelete360.com/
4. Pandora Recovery: you can download from http://www.pandorarecovery.com/
5. Minitool partition recovery: you can get it from http://www.minitool.ca/