Do you know what PXJ Ransomware is?
PXJ Ransomware is a file-encrypting and ransom-demanding infection. It belongs to a group of malware that grows and expands every day, but this particular threat appears to be unique. It does not belong to a larger family of infections that were created using the same code. That being said, there is nothing special about this infection. It operates using one file, and it drops only one additional file, which is a text file. The entrance of this threat is predictable because it follows the same patterns as most other ransomware infections. According to our researchers, spam email and bundled installers are used to spread the launcher of the threat. If security software is installed on the targeted computer, the infection is deleted before execution. If your personal files were encrypted already, that means that your system is not protected reliably. Unfortunately, even if you remove PXJ Ransomware instantly, your files will remain corrupted.
The name of PXJ Ransomware derives from the “.pxj” extension that gets added to all of the encrypted files. Other than that, the infection appears to be nameless. Once it slithers in and encrypts files – which means that data is changed to prevent you from reading them – a file named “LOOK.txt” is dropped. Copies of this file are meant to be dropped to every single folder that has encrypted photos, documents, and other personal files. The message inside the file informs that files were encrypted and that a ransom must be paid in return for a decryptor. The message also warns: “If you do not contact us within 3 days, the price will double every day. And if you do not get in touch for a week, your files will be lost forever.” So, should you send messages to xvfxgw3929@protonmail.com and xvfxgw213@decoymail.com to get information about the ransom and its payment? You should not.
The attackers behind PXJ Ransomware can use every and any opportunity to make money, and if you expose your email address, they can sell it to third parties. They could try to scam you in other ways. The creator of the ransomware themselves would use this email address to extort money from you. Should you pay the demanded ransom to get a decryptor? Well, if you had guarantees that a decryptor would be provided to you, you could consider this; however, there are no guarantees. The ransom message tries to convince you that the decryption of files is “guaranteed,” but this is just an empty promise. In reality, there is no proof that you would get anything, and the attackers’ word alone is worth nothing. The bad news is that a free decryptor that would decipher the PXJ Ransomware encryptor did not exist at the time of research. Hopefully, you have backups that you can use to replace the corrupted files after the removal.
PXJ Ransomware screenshot
Scroll down for full removal instructions
We cannot tell you where the launcher of PXJ Ransomware is because we do not know it. Perhaps it is in the Downloads folder or on the Desktop. And maybe you can find it in the %TEMP% directory. It is also unclear what the name of this file is. Obviously, if you can find the threat – which you can do using a trusted malware scanner – you might be able to perform manual removal. That being said, even if you have this option, we advise installing anti-malware software. Yes, it will automatically delete PXJ Ransomware, but what is more important is that this software will protect your Windows operating system for the future.
Remove PXJ Ransomware
- Delete all recently downloaded suspicious files.
- Delete all copies of the ransom note file, LOOK.txt.
- Empty Recycle Bin.
- Install a free malware scanner to examine your system for malware leftovers.
In non-techie terms:
PXJ Ransomware is a dangerous infection, and if it has found a backdoor into your operating system, all personal files must be now encrypted. You must delete PXJ Ransomware, but that will not salvage your files. We cannot confirm any free decryptors at this point either. It appears that you can save your files only if copies already exist outside the computer. If that is the case, you want to make sure that you remove the infection first. How should you do it? You might be able to perform manual removal, but we advise implementing anti-malware software because it can simultaneously eliminate threats and secure your system to prevent new threats from attacking it successfully.