Ransomware

Banjo File Virus (.[mutud@airmail.cc].banjo File) Ransomware

.Banjo Virus is a nasty Ransomware which appends “.[mutud@airmail.cc].Banjo” extension to file names after encrypting victims data. This nasty threat is the latest development of hackers behind Phobos Ransomware. When this virus encrypt your files, they get renamed in very distinctive manner following this pattern: original name of your file followed by the unique ID assigned to the victims and then email address of the , cyber criminals and finally the “.Banjo” extension. For example, if a file named “1.jpg” get encrypted, it will be changed into “1.jpg.id[C279F237-3182].[mutud@airmail.cc].Banjo”.

Once Banjo Ransomware finish encrypting all your files, it will ransom note in all the affected folders. You can find ransom notes (“info.hta”)  which is a pop-up window and (“info.txt”) which is a text file in all the folders on your computer. You will be asked to contact the hackers via email address: mutud@airmail.cc or krasume@tutanota.com to pay the ransom money to purchase the decryption key. Read this guide to know how to remove this virus and recover files without paying money to hackers.

SpyHunter 5 Anti-Malware

Threats like Banjo Virus keep getting back on PC if all associated files are not removed. So you are advised to use a powerful Malware Removal Tool to run a thorough scan of your PC and delete all threats at once.

Special Offer SpyHunter 5 Anti-Malware offers a 7-day fully-functional Free Trial. Credit card required, NO charge upfront. No charge if you cancel up to two business days before the trial period ends. Read SpyHunter 5 Review, and Free SpyHunter Remover details.
Compatible with: Windows XP/Vista/7/8/10 (32-bit and 64-bit)

What is Banjo Virus

If you encounter this dubious .Banjo malware on your system then it is safe to assume that all your files has been encrypted and you are not able to access any of your data. After successful encryption of your files, this nasty .Banjo File virus will also add its malicious extension to all the file names to marked them locked and then leave ransom note on your system demanding money to give you decryption key. It is a serious threat and all your files are now hijacked which can not be deciphered without the private key generated for your system.

.Banjo Virus will ask you in its ransom note that all your files are encrypted and they can be decoded but you will need a decryption key and that you can only get by paying ransom money through BitCoin. Hackers behind this threat will ask you to send some of your files with your unique ID for the free decryption to prove that they can recover your files once you pay the money. It is a phishing technique and most of users fall for this kind of trick. When .Banjo File virus recovers some of the encrypted files, then victims get more than willing to pay ransom money. They simply hope that they can recover all their files at once after paying ransom money.

How your PC got Infected

.Banjo File Virus mostly enter your system secretly and thus you don’t even know notice when and how all your files got encrypted. Hackers use spam email techniques to send malicious attachments directly to the targeted machine through users inbox and virus get installed as soon as the user opens that mail. Your system could get infected by this nasty .Banjo file virus when you download bundled freeware programs, shareware applications, cracked software, illegal patches etc. from untrusted and shady websites that are more likely used by hackers for spreading malware.

This deceptive .Banjo Ransomware infection could also contaminate your system when you browse porn or torrent sites, click on ads, pop-ups, banners etc. that redirect your browser on malicious websites, share files on unsafe network and other social engineering attack methods. So you need to be very careful around the Internet if you want to avoid any malware attacks. You should also keep backup of all your important files in case of Ransomware intrusion.

Banjo Ransomware : Threat Analysis

Name Banjo
Type Ransomware, File-Encrypting virus
Extension .[mutud@airmail.cc].Banjo
Threat Level High (Encrypt all your data and Restrict access to your files).
Symptoms Victims cannot access any files on their PC and find Ransom note asking for money.
Damage Banjo will  encrypt your data by adding its extension to file names and demand ransom money for decryption key
Distribution It is mainly distributed through spam emails, bundled freeware, porn or torrent sites.
Removal Download SpyHunter 5 Anti-Malware
File Recovery Download Data Recovery Software Now

Why not pay Ransom money

One thing you should know that most of the victims complaints that they got cheated by .Banjo virus. They did not get any decryption key after they sent money on the hackers Bitcoin wallet. Cybercriminals even stop responding to their emails and they never get any reply about how to recover their files. So it is quite clear that paying extortion money is not a good idea because hackers do not restore encrypted data ever.

Ransom Note left by Eking Ransomware has following text message:
All your files have been encrypted!

All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail: mutud@airmail.cc
Write this ID in the title of your message -
In case of no answer in 24 hours write us to this e-mail:krasume@tutanota.com
Our online operator is available in the messenger Telegram: @krasume
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the tool that will decrypt all your files.

Free decryption as guarantee
Before paying you can send us up to 5 files for free decryption. The total size of files must be less than 4Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)

How to obtain Bitcoins
The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click 'Buy bitcoins', and select the seller by payment method and price.
hxxps://localbitcoins.com/buy_bitcoins
Also you can find other places to buy Bitcoins and beginners guide here:
hxxp://www.coindesk.com/information/how-can-i-buy-bitcoins/

Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.

What to do now

Now the fact is .Banjo virus has encrypted all your files you need them back but there is no way you can trust hackers for decoding your data after your pay the ransom fees. As there is no free decryptor available for the Phobos ransomware or this particular .Banjo file virus that makes the situation more harassing. So now you are left with some very important choices like first create backup of all your encrypted files and store them on any cloud drive. Now if you have backup of your data then you can simply remove this virus from your computer using the Automatic Malware Removal software and recover your files through backup.

If you don’t have have backup of your files, then you first remove Banjo virus and then try to recover your files through shadow file recovery which can only recover files from C drive. If you want to recover all your data then you can use Data Recover Software to restore all your files. Now if you want the free solution, you may have to wait for long time before any security company launch free decryptor.

Reinstalling the Windows or formatting your computer will not do any good because this virus can still get backup on your system, but it will eliminate any chance you have of recovering your files because your hard drive will get over written after which no data recovery process will work. So you are advised to follow below guide to permanently remove .Banjo File Virus from your computer and recover your files using data recovery software.

Automatic Banjo Removal Guide

As you already know that, Banjo Virus is a notorious and cunning malware which is not hard to remove easily by any user through manual means. This virus can keep coming back on the infected computer through files and shortcuts or settings that it has already created on your machine. Removing all those at once is the only way to get rid of this infection and stop it from getting on your system ever again.

So the best way to remove Banjo effectively is to use a powerful Automatic Removal Tool and save your time and efforts. This software is a well trusted and very powerful anti-malware program which can detect all hidden threats like Trojan, Ransomware, Worms, Spyware, Rootkits and many others. It also provides 24X7 customer support and one-on-one Spyware HelpDesk support for Custom Malware removal. Advanced System Guard feature detects and remove threats in real time. It has a very User-Friendly Interface and regular Malware updates make it most effective against latest malware attacks.

How SpyHunter 5 Anti-Malware Works

  • First you need to click on below download button to get the software.

Geek’s Recommendation

Some time threats like Banjo keep getting back on the machine, if all associated files are not removed. So you are advised to use a powerful Malware Removal Tool to run a thorough scan of your PC and delete all threats at once.

Compatible with: Windows 11/10/8/7 (32 Bit and 64 Bit)

Special Offer SpyHunter 5 Anti-Malware offers a 7-day fully-functional Free Trial. Credit card required, NO charge upfront. No charge if you cancel up to two business days before the trial period ends. Read SpyHunter 5 Review, and Free SpyHunter Remover details.
  • Then double-click on installer you downloaded to install the program.
SpyHunter Installeruser access control
  • Launch Anti-Malware application and Start Scan Now of your PC.
Scan for Banjo
  • Software will scan your PC all hidden threats and viruses on your system.
Scan for Banjo
  • Click on Next button to see results and delete Banjo and other threats.
Remove Banjo

How To Recover Your Encrypted Files

Now all your files got encrypted by .Banjo Virus then you need to recover your data without paying ransom money to hackers. If your files are important then you must have created backup and you can use that backup to recover your files. If you don’t have backup or this virus has encrypted your backup files, then you are left to seek the professional help.

We recommend you to use a powerful data recovery software to restore your files encrypted .Banjo File Virus. It is risk free and smart way. You can just download the free version and scan your PC for files. There is a high probability that it can recover most of your files in a fraction of amount what hackers are demanding. It is also needless to say that paying hackers will only motivate hackers to carry out more attacks.

  • First you need to download Data Recovery software on your PC.

Download Data Recovery Software Now

  • Install the program, launch it then select Data type to recover and click Next button.
select Data type
  • Select the location from where you want to recover data and click Scan button.
Select location
  • After scan, software will list all files, select them and click Recover button.
Recover Banjo encrypted files

Manual Banjo Removal Guide

Before you start Manual Removal
Please Bookmark This Page by pressing {ctrl+D} button or print it out on a paper before you start the Manual Removal because you may need to restart your PC or browser.) Attention! For safety of your system, please confirm few things before you begin Manual Removal of Banjo Ransomware:
  1. You have done this before, means you have experience for removing virus manually;
  2. That you know your way around PC and  all necessary process and applications;
  3. You know about Registry entry and Serious repercussions of any mistake;
  4. Make sure you can reverse any mistake made during .Banjo Virus manual removal.

If you don’t attain any of  the above standards, then manual removal could be a very risky idea. It is most likely best for you to use Automatic Malware Removal Tool to find and delete Banjo Virus, which is totally securely and efficient method.

Compatible with: Windows 11/10/8/7 (32 Bit and 64 Bit)

Special Offer SpyHunter 5 Anti-Malware offers a 7-day fully-functional Free Trial. Credit card required, NO charge upfront. No charge if you cancel up to two business days before the trial period ends. Read SpyHunter 5 Review, and Free SpyHunter Remover details.
 

Start PC in safe mode with networking

  • Press Windows Key + R buttons together on keyboard.
  • Type msconfig in the Run Box then click OK button.
  • Click on Boot tab then System configuration window will appear.
  • Choose Safe Boot, check network box, Click Apply and press OK button.
Safe boot

Kill Malicious Process From Task Manager

  • Press Windows Key + R buttons together on keyboard.
  • Type taskmgr in Run Box and then click OK button.
  • Find Banjo related or any malicious process.
  • Now right click on it then click End process.
Stop Banjo related task

How To Uninstall Banjo from Windows PC

  • First of all Press Windows Key + R buttons together.
  • Type appwiz.cpl in the Run Box and then click OK button.
  • Now Programs and Features windows will appear on screen.
  • Find and remove all Banjo related or malicious programs.
Remove Banjo
Warning : Do not play with Windows registry, host file of restore options if you don’t have previous experience with. Removing wrong files may break your system entirely. So if you are not sure, then stick to the Automatic Malware Removal option.

Compatible with: Windows 11/10/8/7 (32 Bit and 64 Bit)

Special Offer SpyHunter 5 Anti-Malware offers a 7-day fully-functional Free Trial. Credit card required, NO charge upfront. No charge if you cancel up to two business days before the trial period ends. Read SpyHunter 5 Review, and Free SpyHunter Remover details.

Remove Virus related Windows Registry entries

  • Press Windows Key + R buttons together on keyboard.
  • Type taskmgr in Run Box and then click OK button.
  • Registry Editor will open, then press CTRL +F buttons together.
  • Now type Banjo and then click on Find Next button.
  • Find all the related entries and delete them one by one
Remove Banjo related registry

Delete Virus related files form your PC

When a threat get on to a PC, it most likely create some files at different locations on the system. These files are used to perform specific action and also help malware in getting back to the computer once its removed. So you just need to find also delete all those files associated with this .Banjo File Virus. For that follow the below instruction :
  • Press Windows Key + R buttons together on keyboard
  • Type each of the following in Run Box and press OK button
  1. %AppData%
  2. %LocalAppData%
  3. %ProgramData%
  4. %WinDir%
  5. %Temp%
For the first four option, look for any recent folder related to .Banjo File Virus and remove them. For the Temp folder, you can delete all the files.

Remove Banjo Virus via system restore

  • Press Windows Key + R buttons together on keyboard.
  • Type cmd in Run Box and then click OK button.
  • Type cd restore and press Enter, then type rstrui.exe and press Enter.
  • When System Restore window opens on your computer screen click Next button, then choose a System Restore point you have created in the past and click Next button.
  • Finally click on Yes button to start the system restoration process.
Remove Banjo via system restore

Note : This will only work if you have restore point set on your PC or it will give error message. Restoring the computer to a previous version may or may not remove .Banjo File Virus. Most of the times, virus just delete all the restore points. If this trick does not work for you then don’t get disappointed.

After restoring your computer, we recommend you to run a thorough scan of PC using a Powerful Anti-Malware program to detect and remove any hidden threats. In most cases, virus may spread through any files outside of C drive because system restoring only affect the C drive. There may be some Virus related file hiding your PC, and it never hurts to double-check.

Some times, system restore doesn’t work or virus can just remove the restore points. In such you will probably have no other choice than choosing the Automatic Removal Process. It is the best and error free method to find and remove threats from your computer. Additionally you should also check some important malware prevention tips provided here in this guide to avoid similar virus attacks in the future.

Remove Banjo From MacOS

If you are a mac user, and your machine got infected by this nasty file encrypting malware then you need to remove it as soon as possible. Although Mac system are quite safe but they still do get infected. So you can delete this infection using below steps:

Stop Malicious Program From Activity Monitor

  • First you need to open Utilities folder on your Mac system.
  • Find the Activity Monitor icon and double-click on it to open.
  • Find Banjo related process, click cross button from upper left side corner to end task.
  • A pop-up dialogue box will appear on screen, click on Force Quit button.

Remove Virus From Application Folder

  • First go to Dock option (bottom of your screen) then click on Finder App.
  • Now you have to open the Applications Folders to see all the programs.
  • Find Banjo or any other unwanted program then move it to Trash.
Remove Banjo From Mac

Attention : If you are not tech savvy, then it could be quite difficult to remove Banjo manually from your mac. The best way is to download ComboCleaner Mac Anti-Malware and see if it can detect all hidden threats and viruses on your computer. Its really super easy and you should give it a try.

ComboCleaner Mac Antivirus allows you to scan your mac for threats and viruses for free, but you will need to purchase full license to remove found threats. Read EULA.
 

Tips To Prevent .Banjo Virus in Future

  • Use a good anti-virus, be it a free version but don’t use cracked security programs.
  • Make sure that your Windows firewall is active, so it can block upcoming threats.
  • Keep your Windows/Mac OS and other programs updated to avoid vulnerabilities.
  • Download updates only from official websites, don’t use suspicious sites.
  • Never download and install pirated software, games or illegal patches on your PC.
  • Do not open spam mails from unknown sender and scan all attachments before opening.
  • Never download freeware third-party programs from unreliable sources or websites.
  • Avoid connecting your PC to unsafe public Wi-Fi to protect your privacy.
  • You can also use a VPN to spoof your connection and avoid malicious sites.
  • Create a system restore point on your system for security purpose.
  • Keep backup of all your important files to avoid data loss.

Report cyber attack to Authorities

If you are also a Victim of Banjo virus then you should report this cyber crime incident to legal authority in your county. Here are the lit of some of the official government websites for reporting fraud and scam activities:

You can also search to find the Internet Crime Authority in your counter. Meanwhile it will not help you remove or restore your files in any way but its merely an information to authorities. Once you register your complain, authorities might look into and take preventive measures to stop further attacks. However don’t get lured by third party criminal reporting sites or fake technical support websites. They are more like to cheat you instead of helping you.

Still having issues? Need help?

Some time threats like Banjo keep getting back on the machine, if all associated files are not removed. So you are advised to use a powerful Malware Removal Tool to run a thorough scan of your PC and delete all threats at once.

Compatible with: Windows 11/10/8/7 (32 Bit and 64 Bit)

Special Offer SpyHunter 5 Anti-Malware offers a 7-day fully-functional Free Trial. Credit card required, NO charge upfront. No charge if you cancel up to two business days before the trial period ends. Read SpyHunter 5 Review, and Free SpyHunter Remover details.

About the author

Robert Calvert

Robert is the Chief Security Expert and Founder of PCSafetyGeek.com website. He is a cybersecurity enthusiast who loves to research about Malware outbreaks and write about their remedies. He also like to spend time trying new software, reviewing them and sharing IT news. However he is a real coffee lover and likes to play chess in spare time (which is quite rare 😜).

Leave a Comment