Jhon Woddy Ransomware

What is Jhon Woddy Ransomware?

Jhon Woddy Ransomware is another example of a file-encrypting threat. As it is typical for this type of malware, it enters devices illegally, scans them, and finds a bunch of valuable files to encrypt. Popular extensions of pictures, documents, music, and videos are all locked by this ransomware infection. On top of that, it makes .exe, .ini, and .dll files unusable, meaning that important programs could no longer be opened too after the entrance of Jhon Woddy Ransomware. At the time of writing, it is still unclear whether or not this malicious application will become a huge cyber campaign, but its infection rate is not very high today. Of course, it does not mean that there are no chances of encountering this threat for you. If you are reading this article because this dangerous infection has locked your files and now demands a ransom, go to delete it without further consideration. Letting ransomware stay is a bad idea because its malicious file might be opened accidentally again, resulting in the encryption of new files.testtesttest

What does Jhon Woddy Ransomware do?

Jhon Woddy Ransomware is a new malicious application targeting files users keep on their computers. Cyber criminals know that users are not going to pay money to get unimportant data decrypted, so they have programmed this ransomware infection in such a way that it could affect only those files having the most valuable extensions (e.g. .jpg, .mp3, .docx, .pdf, etc.). All those encrypted files will get a new extension .FUCKED, so the file Type (it can be seen by placing the mouse pointer on a file) will be changed to FUCKED File. The encryption process finishes with the appearance of a window with a ransom note. Before this window is opened, i.e. when the encryption of files is happening, users see the fake Windows Update window asking them not to restart or shut down their computers. It is said there that “system32 will be damaged” if the restart or a shutdown is performed. Also, it contains the word Microsoft, so many users do not even suspect that a harmful malicious application is doing its job on their systems.

Users who have become victims of this ransomware infection should definitely not go to pay the required amount of money. At the time of writing, cyber criminals demand 0.3 Bitcoin (~ $275). This amount of money has to be paid within 72 hours. Do not rush to send cyber criminals money because it is not the only way to decrypt files. Users can recover files quite easily from a backup after the removal of Jhon Woddy Ransomware, according to specialists. Of course, it will be impossible to do that if such a backup of the most important files does not exist. In this case, go to try out all free data recovery tools available on the web or wait for the decryption tool to be released by specialists.

Where does Jhon Woddy Ransomware come from?

Users do not download Jhon Woddy Ransomware willingly on their computers. This malicious application usually enters computers illegally. Unfortunately, we cannot say that users are not responsible for the entrance of this threat. Research has revealed that people often allow ransomware to enter their PCs without realizing that. They do that by visiting unreliable websites and downloading software from them, opening attachments they find in spam emails, or performing other careless activities. In the case of Jhon Woddy Ransomware, it must be true that it is inside your system because a malicious attachment has been opened. Users who do not wish to lose their files again should be more attentive and go to install a security application on their PCs as soon as possible. Users who already have security software should go to install a new tool for protecting their systems as well because the one they have is, evidently, untrustworthy if it has allowed ransomware to encrypt all files.

How do I delete Jhon Woddy Ransomware?

The Jhon Woddy Ransomware removal itself does not mean that files will become unlocked immediately, but it is still a must to delete it to protect future files and be able to use the computer normally. There are only two manual removal steps: first, the malicious process keeping the window on Desktop has to be killed and second, the malicious file has to be found and deleted fully from the system. If you find the manual removal process too challenging, you should erase this dangerous threat automatically. What you need to do in this case is to scan the system with an automatic malware remover.

Remove Jhon Woddy Ransomware

  1. Open the Task Manager (press Ctrl+Shift+Esc simultaneously).
  2. Open the Processes tab.
  3. Right-click on the malicious process and then select End Process.
  4. Close the Task Manager.
  5. Check the following directories one after the other: %TEMP%, %APPDATA%, %USERPROFILE%\Desktop, and %USERPROFILE%\Downloads (press Win+E to open the Windows Explorer and then copy and paste the directory with % symbols in the URL bar at the top to open it).
  6. Remove the malicious file of Jhon Woddy Ransomware.
  7. Empty the Recycle bin.
100% FREE spyware scan and
tested removal of Jhon Woddy Ransomware*

Leave a Comment

Enter the numbers in the box to the right *