PXJ Ransomware

Posted: March 13, 2020

PXJ Ransomware Description

The PXJ Ransomware is a file-locker that you do not want to have to deal with. The PXJ Ransomware is incompatible with free decryption utilities, and it is able to execute a devastating file-encryption attack, which is guaranteed to cause long-term damage to your files. When the PXJ Ransomware is launched on an unprotected system, it will start off by performing several tasks that are meant to reduce the victims' chances of recovering their files. The PXJ Ransomware:

  • Empties the recycle bin.
  • Disables the Windows Recovery Console.
  • Disables the System Restore service and purges the Shadow Volume Copies.

After these steps are complete, the PXJ Ransomware will encrypt the contents of your images, videos, documents, archives, databases and other files. Whenever a file is locked, the PXJ Ransomware will modify its name by adding the '.PXJ' extension. To execute the file-encryption task, the PXJ Ransomware will use an AES key to encrypt the data, and then encrypt the AES key with the use of an asymmetric RSA key. The double encryption standard that the PXJ Ransomware uses enhances its efficiency and makes it nearly impossible to crack the cipher without the assistance of the perpetrators.

Finally, the PXJ Ransomware drops the file 'LOOK.txt,' which contains information about the attack and instructions for the victim. Users affected by the PXJ Ransomware's attack may be told to contact 'xvfxgw3929@protonmail.com' and 'xvfxgw213@decoymail.com' for data recovery instructions. The attackers promise to unlock one file for free, and warn victims that they will have to make a payment of a ransom fee if they wish to get all of their data back. While the ransom sum is not specified, the ransom message states that the fee will be doubled if it is not paid within three days. Last but not least, victims are told that failure to complete the ransom payment in seven days will result in the permanent deletion of their decryption key.

Currently, it is only possible to recover the files damaged by the PXJ Ransomware by restoring their original copies from a backup. It is not a recommended move to pay the ransom fee even if you do not have a backup copy available – the attackers may ask for a lot of money, and you never will be sure that you will not end up being tricked out of your money. For now, victims of the PXJ Ransomware should focus on removing the infection with the use of a reputable anti-virus scanner. Once the PXJ Ransomware is eradicated, the victims can start to experiment with popular data recovery tools and methods.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to PXJ Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.