What is new with the TeslaCrypt 4.1b virus version?
The security experts have recently issued a report that a new TeslaCrypt 4.1b version of the notorious TeslaCrypt virus was released. We want to inform the readers who are not yet aware of this virus that it is a program you should avoid by all means. It is a ransomware-type virus, which means that once it infiltrates the computer, it scans it for files, encrypts them with a complex algorithm and asks the victim to pay a considerable amount of money to receive the access to the locked files. TeslaCrypt has already released TeslaCrypt 2.0, TeslaCrypt 3.0 and TeslaCrypt 4.0, which featured some minor modifications in the amount of ransom offered from the users and improving their encryption, with each version making the file decryption increasingly more difficult. It is possible that the virus may as well update itself to the latest version while residing on the PC, so it essential to remove TeslaCrypt 4.1b ransomware from the computer before you face even more destructive consequences. You can try using sophisticated antivirus tools like FortectIntego for this purpose, but you have to be aware that the virus may try blocking the antivirus from working, so it might need some extra help to initiate.

TeslaCrypt version 4.1b is a very recent update to this program, and few users are infected by it; therefore, the researchers are still working on determining what has specifically changed since its previous versions. It seems that in the newest version, the ransom notes the victims find on every folder containing infected data retain their former filenames: -!RecOveR!-[random_chars]++.Txt, -!RecOveR!-[random_chars]++.Png or -!RecOveR!-[random_chars]++.Htm. What is new about this program are a couple of new gateway hosts, p23cb.bobodawn.at and y4bxj.adozeuds.com added to the list of websites where the victim can transfer the ransom. Of course, the demand to pay in BitCoins also remains. The current TeslaCrypt version also uses C:\Windows\system32\wbem\WMIC.exe shadowcopy delete /nointeractive command to delete the Shadow Volume Copies of the files on the victim’s computer. However, it is not certain if this WMIC (Windows Management Instrumentation Command-line) has not been used by the previous versions of the virus as well. Either way, the occurrence of new versions of TeslaCrypt ransomware only prove that the virus creators are continuously working on improving this program to bring even more trouble to its victims and antivirus software developers. We have to point out again that TeslaCrypt 4.1b removal is essential to help stop such malicious programs from spreading because the more people get convinced into paying for their files, the more profit, and motivation the ransomware creators receive.
How can this ransomware infiltrate my computer?
It has not been noticed yet if the TeslaCrypt 4.1b version spreads any different that its previous versions. So, this means you can get infected if you are not careful about opening newly received emails. Usually, TeslaCrypt will arrive at your computer in a spam email as an attached JavaScript file named invoice_2h04qd.js. DO NOT download or open this file if it turns up in your email. The email itself might try to convince you that the attached file contains some important information, but beware! The file carried a code which, when activated, downloads TeslaCrypt 4.1b into your computer. Usually, suspicious emails like these are automatically sent to the “Spam” folder by your email provider; however, you can never be sure that these malicious programs will not slip to your regular inbox as well. Therefore, it is necessary to equip your computer with the best antivirus software and try to act more cautiously online yourself.
TeslaCrypt 4.1b removal recommendations:
As already mentioned in this article, TeslaCrypt 4.1b virus cannot be gotten rid of that easily, but it is advisable to remove TeslaCrypt 4.1b virus from the computer without a delay. You may have to use the manual guide provided below to help your antivirus start and remove the virus. You also have to keep in mind that if you have some backup files on an external drive that you want to restore on your computer, you have to make sure that the TeslaCrypt 4.1b removal was completed thoroughly. However, the easiest way to decrypt your files is to install this TeslaCrypt decryption tool and let it recover your files for you.
Was this guide helpful?
Be the first to comment