Emsisoft Releases Free Decryption Software for MegaLocker Ransomware

Good news for those infected by most variants of MegaLocker and NamPoHyu Virus ransomware, Emsisoft has released a free MegaLocker decrypter that can help you recover files encrypted by the computer virus. However, it is currently ineffective against the first variant of MegaLocker ransomware that appends the .crypted file extension to encrypted files. On the other hand, files encrypted with the .nampohyu file extension may be recovered with the aide of the newly released decryption software. The files that can be recovered are typically associated with ransomware that drops a text file named “!DECRYPT_INSTRUCTION.TXT.”

MegaLocker ransomware targets Samba servers and encrypts their data remotely. This is somewhat different from most infections who typically rely on an executable file on a local machine to be launched. This is not all that the ransomware does. It also brute forces passwords, remotely encrypts passwords, and then remotely encrypts files.

The arrival of a decryption program could not have come at a better time. To use the decryption software, make sure that the malware has been removed from your machine, otherwise, it may repeatedly lock your system, encrypt your files, and cause other problems.

How to use the decrypter:

1. Download Emsisoft Decrypter for MegaLocker.
2. Run the decrypter as administrator and agree to the License Terms by clicking Yes.
3. Select a ransom note by clicking the Browse button, then click the Start button.
4. When the decrypter finds the key, click OK to open the user interface.
5. The decrypter will pre-populate the locations to decrypt. Additional locations can be added using the Add button.
6. Once all the locations are added, click the Decrypt button to start the decryption process.
7. When the process is finished you will be informed by the decrypter.