Decrypt Files Encrypted by OzozaLocker and Remove It
THREAT REMOVAL

Decrypt Files Encrypted by OzozaLocker and Remove It

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by OzozaLocker and other threats.
Threats such as OzozaLocker may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

ozoza-locker-ransom-noteA ransomware virus was discovered in late November 2016, going by the name OzozaLocker. The virus’s payload is an executable, called CryptoSolution.exe and it uses a maliciously configured script to encrypt files using the AES encryption algorithm. After encrypting the files on the compromised computer, OzozaLocker asks victims to pay the sum of 1 BTC to restore their files. Fortunately, you do not have to pay this insane ransom, because EmsiSoft researcher Fabian Wosar @fwosar has created a decryptor that can restore your files for free. Keep reading this article to learn how to Remove OzozaLocker properly and decrypt your files without paying a dime to cyber-crooks.

OzozaLocker – Brief Analysis

OzozaLocker is a relatively new ransomware variant that is believed to slither onto victims’ computers via spammed e-mail messages that contain the malicious executable of the virus in an archive. The file may be concealed to resemble a .pdf or Microsoft Office document as well as other legitimate files, but once it’s opened the virus immediately begins to modify the computer.

The first thing OzozaLocker performs is to heavily modify the Windows Registry editor by adding the malicious executable in the Run and RunOnce registry keys so It can encrypt files on Windows startup.

After having done this, the OzozaLocker virus begins encrypting files using the AES (Advanced Encryption Standard). After it enciphers the files on the encrypted computer, the malware adds it’s distinctive locked extension, making the files look like the following:

encrypted-file-philadelphia-sensorstechforum

The OzozaLocker virus then drops a “HOW TO DECRYPT YOUR FILES.txt” file to notify the user. The file has the following contents:

→ “Files has been encrypted.
If you want to decrypt, please, send 1 bitcoin to address 136X2LzDrLyR9EiEDV3zogwW5esq5DyHRB and write me to e-mail:
[email protected]
Your key: {custom key}”

The good news is that there has been a decryptor released specifically to help users with the free restoration of their files. Follow the instructions below to learn how to download and use it after removing OzozaLocker from your computer.

OzozaLocker Removal Manual

Before beginning any type of decryption operation, we urge you to follow either the manual or the automatic instructions below. In case you lack the experience in interfering with registry objects and concealed files, please be advised that recommendations are to download and install an advanced anti-malware program which should be able to take care of your malware problem for you.

Note! Your computer system may be affected by OzozaLocker and other threats.
Scan Your PC with SpyHunter
SpyHunter is a powerful malware removal tool designed to help users with in-depth system security analysis, detection and removal of threats such as OzozaLocker.
Keep in mind, that SpyHunter’s scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware removal tool to remove the malware threats. Read our SpyHunter 5 review. Click on the corresponding links to check SpyHunter’s EULA, Privacy Policy and Threat Assessment Criteria.

To remove OzozaLocker follow these steps:

1. Boot Your PC In Safe Mode to isolate and remove OzozaLocker files and objects
2. Find files created by OzozaLocker on your PC

Use SpyHunter to scan for malware and unwanted programs

3. Scan for malware and unwanted programs with SpyHunter Anti-Malware Tool
4. Try to Restore files encrypted by OzozaLocker

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...