A ransomware virus reported to be an iteration of the notorious Globe ransomware version 3 has been reported to be spread on a global scale. The ransomware infection has also been reported to drop a ransom note named How To Recover Encrypted Files.hta in which it points out that the victims must pay the sum of 0.5 BTC to decrypt the encrypted files. However, malware researchers have come up with a decryption software with which you can decode your files for free. If you want to get rid of the HappyDayzz threat and recover your files, we recommend that you read this article carefully.
HappyDayz Globe v3 Virus – More Information
This particular ransomware infection is believed to be widespread via multiple different methods on a global scale. One of those methods is e-mail spam of deceitful messages, containing malicious e-mail attachments, like the image below shows:
When victims open the malicious archive, it It, they can either discover a file that is a document and infects after you click on the “Enable Content” button or a file that is actually an executable type of file (.js, .exe, .dll, .tmp, .vbs) and can infect simply by being opened.
After the malicious file is opened, infection is immediate and done via malware obfuscator which actually hides the HappyDayzz ransomware’s malicious files while they are being downloaded. The files may be more than one and may be in various Windows folders under different names:
After the files are downloaded on the computer of the victim, the virus begins to change it’s settings. Among it’s activity is modifying Windows Registry entries and deleting shadow volume copies on the compromised machine. The virus also drops Globe ransomware’s ransom note, as shown by the image on the top of this article.
Then, HappyDayzz ransomware may employ encryption on the files of the victim PC. Among the encrypted files may be documents, images, database files, music, video files and archives as well. The files encrypted by the virus may look like the following image:
Fortunately, users do not have to pay a hefty ransom fee to get the files back. Instead, we have provided instructions on how to use the Emsisoft Globe decrypter and get your data back for free. We advise you to make sure to backup your files and remove the HappyDayzz virus before attempting the decryption instructions and read them carefully.
HappyDayzz Ransomware Removal Instructions
In order to remove this virus firstly, you can try either the Manual instructions or the Automatic ones in case you are not tech savvy. Be sure to know that reverse engineers and security experts always recommend scanning your computer with an advanced anti-malware software for maximum effectiveness during removal.
Manually delete HappyDayzz from your computer
Note! Substantial notification about the HappyDayzz threat: Manual removal of HappyDayzz requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.
Automatically remove HappyDayzz by downloading an advanced anti-malware program
HappyDayzz Ransomware Decryption Instructions
In order to successfully decrypt files enciphered by HappyDayzz ransomware you are going to need several details to begin with. First, you will need an original file and an encrypted file.
In case you cannot find one, make sure to browse through the default wallpaper folder of the same version of your Windows OS. Here is an example of the location of the default folders for wallpapers for different Windows versions:
After having located an original and an encrypted file, make sure to download the decrypter by clicking on the download button below:
Make sure to save the decrypter somewhere easy to find and open it. Then follow the steps below:
Step 1: Drag and drop the encrypted file and the original file together into the decrypter, like the animated image below demonstrates:
Step 2: The decrypter will begin a brute forcing sequence. Simply wait until your key has been discovered:
Step 3: After this, click on OK and the main interface of the decrypter should appear. From it, choose Add Files to add all the files that you wish to be deciphered.
Step 4: After you have added your files, click on the Decrypt button so that the decrypter can begin the deciphering operation.
At this point you will begin to see on the live feed at the middle of the decrypter’s interface which files were successfully decoded:
HappyDayzz Ransomware – The Bottom Line
In case you have been infected by the .happydayzz variant of Globe and have decrypted the files successfully, we recommend focusing on protecting your computer in the future and avoiding such unfortunate turn of events from happening again to you.
We have prepared several simple tips that you can follow and stay safe in the future: