Severity scale:  
  (98/100)

Joker_lucker@aol.com.wallet ransomware virus. How to remove? (Uninstall guide)

removal by Olivia Morelli - - | Type: Ransomware
12

Aims of Joker_lucker@aol.com.wallet virus

Joker_lucker@aol.com.wallet virus is the most recent Dharma ransomware variation, also known as undecryptable CrySiS remake. Recently IT specialists have released a decryption tool for the original version of Dharma threat[1]. This virus is programmed to scan system folders and distort files found in them. To implement this, Joker_lucker@aol.com.wallet ransomware applies a strong AES + RSA encryption method[2] that securely locks files on victim’s computer. During this process, the virus adds either one or another file extension to encrypted files:

  • Joker_lucker@aol.com.wallet;
  • Joker_lucker@aol.com.dharma.

The worst part is that .dharma or .wallet files cannot be opened without a special decryption key that is created after data encryption and sent to criminals Command & Control servers. There is no way to get this decryption key without criminals’ intervention, but these scammers are not willing to provide it for free. That is why the virus changes desktop wallpaper with an image that informs the victim to contact criminals via Joker_lucker@aol.com (in some cases – lavandos@dr.com) for information on how to obtain the decryption key. There are no doubts what cyber criminals want victims to do. Just like the vast majority of ransomware viruses and also all CrySiS variants[3], they enjoin victims to buy Bitcoins via sites like LocalBitcoin or CoinCafe and transfer them to a provided Bitcoin wallet address. Later on, criminals order victims to send them another email containing transaction details. The number of transaction is supposed to be a proof of ransom-payment, and then criminals are supposed to provide the Joker_lucker@aol.com virus decryptor. However, the situation can go the wrong way, and you can lose your money just like you lost your files[4]. It doesn’t matter what these scammers promise you – you cannot do anything against them, and so if they decide to ignore you, it means you will never get your files back. Paying the ransom is so not worth the risk, so we do not recommend doing it. Besides, keep in mind that you can restore files using data backup, so just remove Joker_lucker@aol.com virus using anti-malware tools like Reimage and plug in the backup[5] drive into the computer then.

How did this CrySiS variant plague your system?

Crysis ransomware is mainly distributed via malicious spam campaigns. You should beware of email letters coming from unknown people, and never open their attachments or basically any links included in the message. Sometimes it is hard to recognize such phishing messages because they are professionally designed to look convincing. Frauds tend to pretend that they are writing from well-known companies like Amazon, eBay, PayPal, or some healthcare organization. These scammers even pretend to be delivering medical test results, stating that the victim has been diagnosed with cancer. Of course, criminals can get shocked and rush to open fake medical reports added to such letters. You know what happens next – email attachment is not real document because it is a malicious file that contains ransomware. Opening such file leads to disastrous consequences, so do not rely on unknown senders and do not explore links and email attachments they send to you!

Delete Joker_lucker@aol.com.wallet file extension virus

If your files have been locked with this malicious virus, there is nothing much you can do. Files can be fully restored from a backup, and if you do not have it, we have to disappoint you by saying that it is impossible to restore them in any other way. Therefore, you should remove Joker_lucker@aol.com.wallet virus ASAP and take preventive measures to make sure that you never end up in such unenviable situation in the future. These Joker_lucker@aol.com.wallet removal guidelines will guide you through the malware removal process.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Joker_lucker@aol.com.wallet ransomware virus you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Joker_lucker@aol.com.wallet ransomware virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
More information about this program can be found in Reimage review.
Press mentions on Reimage

Manual Joker_lucker@aol.com.wallet virus Removal Guide:

Remove Joker_lucker@aol.com.wallet using Safe Mode with Networking

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove Joker_lucker@aol.com.wallet

    Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete Joker_lucker@aol.com.wallet removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove Joker_lucker@aol.com.wallet using System Restore

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of Joker_lucker@aol.com.wallet. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with Reimage and make sure that Joker_lucker@aol.com.wallet removal is performed successfully.

Bonus: Recover your data

Guide which is presented above is supposed to help you remove Joker_lucker@aol.com.wallet from your computer. To recover your encrypted files, we recommend using a detailed guide prepared by 2-spyware.com security experts.

If you found joker_lucker@aol.com.wallet file extensions on all of your files and if the picture on your desktop says you must write to joker_lucker@aol.com to decrypt your files, it means that your computer has been critically affected. We advise you to remove the virus as quickly as you can, then look if you have a backup. If you don’t, these tips can help you to recover your files, too.

If your files are encrypted by Joker_lucker@aol.com.wallet, you can use several methods to restore them:

Run Data Recovery Pro

Data Recovery Pro comes in handy when it comes to restoration of corrupted/deleted files. You should try this tool on files encrypted by this ransomware virus.

Windows Previous Versions

If you or your relatives have toggled System Restore mode on, you can restore individual files using Windows Previous Copies. It is an advantageous feature that can help you restore files one-by-one, but not all at once. To restore more files,  you will need to devote more time.

  • Find an encrypted file you need to restore and right-click on it;
  • Select “Properties” and go to “Previous versions” tab;
  • Here, check each of available copies of the file in “Folder versions”. You should select the version you want to recover and click “Restore”.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from Joker_lucker@aol.com.wallet and other ransomwares, use a reputable anti-spyware, such as Reimage, Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus or Malwarebytes Anti Malware

About the author

Olivia Morelli
Olivia Morelli - Ransomware analyst

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Olivia Morelli
About the company Esolutions

References

Removal guides in other languages


  • Phoebee

    Nasty dharma virus. I hope someone finds that filthy office where ransomware authors work…

  • Amanda

    Message to ransomware authors: you are fools and cowards, and you cannot do anything better in this life than extort money from innocent people, you talentless frauds! if you can code create programs that would help humanity, not cause sadness and other negative emotions!

    • Leon

      truth has been spoken.

  • Mintu

    Please suggest me, how to recover (age_empires@aol.com).wallet file.