Cyber Security Center

How to delete Uihj ransomware


Uihj ransomware is file-encrypting malware from the Djvu/STOP ransomware family. We have previously written about other versions from this malware family, including Zdfv, Efvc, Hkgt, and Eijy. The malicious actors operating this ransomware regularly release new versions, though they’re all quite similar to one another. You can identify this ransomware by the .uihj extension added to encrypted files. You will not be able to open files with this extension unless you first use a decryptor on them. But getting the decryptor will not be easy because the only people who currently have it are the cybercriminals operating this malware.

 

Uihj ransomware note

 

Uihj ransomware will start encrypting your personal files as soon as you open the infected file and activate the ransomware. It will target your photos, documents, videos, and other files. Basically, it will target all of your personal files as they are the most valuable. The .uihj extension will make it easier for you to identify which files have been encrypted. For instance, when encrypted, text.txt would become text.txt.uihj. You won’t be able to open these files unless you use a specific decryptor. The _readme.txt ransom note will explain how you could obtain the decryptor. Unfortunately, you are asked to pay $980 in ransom. The note mentions a 50% discount for users who contact the cyber criminals within the first 72 hours, though it’s debatable whether these promises are accurate. We do not recommend paying the ransom or interacting with the cybercriminals because there are no guarantees that, even after paying, you will receive a decryptor. Remember that you are dealing with cybercriminals, and there is nothing to stop them from simply stealing your money and disappearing with it.

To remove Uihj ransomware from your computer, you need to use anti-malware software. It’s a pretty complex infection that should be removed with a professional program. You can connect to your backup and begin recovering files as soon as you remove Uihj ransomware from your computer.

Recovering files will be a far more challenging, if not impossible task for victims who did not back up files before infection. Waiting for a free Uihj ransomware decryptor to be released is an option, although it is unclear when it will happen. Ransomware infections from this family use online keys to encrypt files, which means the keys are unique to each victim. Unless those keys are released by the cybercriminals themselves, a free Uihj ransomware decryptor is not very likely. Nonetheless, it’s not impossible that a free Uihj ransomware decryptor will be released eventually, which is why we recommend backing up your encrypted files. If a decryptor is released, it would be posted on NoMoreRansom.

Ransomware distribution methods

Malicious actors often spread malware via email attachments. If your email address has even been leaked in the past, you likely will receive malicious emails on occasions. As soon as you open the malicious attachments, the ransomware can initiate. This is why it’s very important that you always check email attachments before opening them. You can do that by using anti-virus software or VirusTotal. Fortunately, emails that contain malware are often pretty obvious. Grammar and spelling mistakes are among the most glaring signs. The mistakes are particularly obvious and out of place because senders frequently pose as representatives of legitimate businesses whose services users use. An email that addresses you as User, Member, Customer, etc. when your name ought to be used is another red flag. You will always be addressed by name in legitimate emails whose attachments are safe to open.

Torrent websites are often unregulated, which makes them ideal for spreading malware. Malicious actors often upload torrents with malware in them. It’s especially common to find malware in torrents for entertainment content (movies, TV series, and video games). Downloading copyrighted content using torrents is not only essentially stealing, but it’s also dangerous for your computer/data.

Finally, updates are necessary to maintain the security of your computer and data. Updates fix known vulnerabilities, which malware infections frequently use to infect systems. Installing updates on a regular basis is very important. You should also enable automatic updates whenever possible.

Uihj ransomware removal

It’s not a good idea to try to manually remove Uihj ransomware because it’s quite a complex malware infection. You could cause additional damage to your computer if you’re not careful. Additionally, you might unintentionally miss some components of the ransomware, which could allow it to recover later on. Your backed-up files would become encrypted if you connected to your backup while ransomware was still active on your computer. In order to remove Uihj ransomware from your computer, you need to use a reliable anti-virus program. You can connect to your backup as soon as you fully delete Uihj ransomware from your computer.

Uihj ransomware is detected as:

  • Win32:Malware-gen by Avast/AVG
  • Trojan.GenericKDZ.88330 by BitDefender
  • Trojan.GenericKDZ.88330 (B) by Emsisoft
  • A Variant Of Win32/Kryptik.HPSS by ESET
  • Packed-GDT!9C59B51F1856 by McAfee
  • Ransom:Win32/StopCrypt.PBQ!MTB by Microsoft
  • HEUR:Trojan.Win32.Zenpak.gen by Kaspersky
  • Trojan.MalPack by Malwarebytes

 

Uihj ransomware detections