1 of 2
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Zlocker Ransomware

Zlocker Ransomware is a threat you might encounter if you are not very cautious. It is one of those harmful malicious applications that slither onto users’ computers to lock their personal files and thus help cyber crooks to extract money from users. Because of this, its successful entrance always brings losses. At the time of research, it only encrypted several random folders, but you might encounter a fully working version of this threat. If this ever happens, you will find a bunch of personal files, including pictures, documents, and music completely locked no matter where they are located. Luckily, this ransomware infection does not touch any files located in the Windows OS folder (%WINDIR%), meaning that it will not ruin the operating system and you could still use your PC after its infiltration. It does not mean that you can do nothing about its entrance. If you have already encountered Zlocker Ransomware, you must delete it fully from your computer so that it could not cause more trouble. Fortunately, it is not one of those infections that have many components. Specialists say that it should be enough to delete the malicious file launched, i.e. the launcher of this threat in order to eliminate it fully from the system. If you have never done that before, you should read this entire report first and then consult our manual removal guide provided below.

According to researchers at pcthreat.com, it is very likely that the main targets of Zlocker Ransomware are users speaking Russian because a .txt file it drops after the encryption of files has a Russian name ВАШИ ФАЙЛЫ ЗАШИФРОВАНЫ.txt. If you open it, you will find a ransom note in Russian there too. As for the encryption of files, Zlocker Ransomware encrypts pictures, music, videos, and a bunch of other files and then appends a Unicode symbol as an extension to them all. If you read the ransom note left for you by this malicious application, you will find out that you can decrypt those files with special decryption software cyber criminals claim to have. Its price is 5000 RUB (87.55 USD at today’s price). You should not send money to cyber criminals even if it turns out that it is the only possible way to decrypt those encrypted files because it is unclear whether you could really decrypt them after you send the required amount of money to crooks. There are not many ways to unlock files encrypted by ransomware infections because they usually use strong ciphers, but it is always possible to copy files to the computer from a backup. Unfortunately, you could not do this if you have never backed up your files. In this case, you must still remove the ransomware infection fully, but you should not erase all those encrypted files right away because it might be possible to decrypt them for free in the future.

It is not easy to talk about the distribution of Zlocker Ransomware because it is not one of those prevalent infections, but our researchers are 99% sure that it is spread just like similar threats that belong to the crypto-malware category. According to them, it should be mainly spread via emails as an attachment. Therefore, users who do not want to find their files locked should stay away from suspicious emails and their attachments. It is not always a piece of cake to prevent ransomware infections from entering the system, so our piece of advice for all the readers would be to acquire security software. It must be kept active 24/7 and, on top of that, it must get periodic updates so that it could protect you against the newest malware too.

Zlocker Ransomware does not have any files, it does not create new registry keys in the system registry, and it does not block system utilities, so users usually do not find its removal complicated. Unfortunately, it would be a lie if we told you that it is a piece of cake to decrypt files encrypted by it. Frankly speaking, it might be impossible to do that if you are not going to purchase the decryptor and do not have a backup of the most valuable files. Just to make it clear, we do not encourage you to send money to cyber criminals here.

Delete Zlocker Ransomware

  1. Press Win+E to open Explorer.
  2. Open %USERPROFILE%\Desktop, %USERPROFILE%\Downloads, %TEMP%, and %APPDATA% one after another (type the path in the URL bar at the top of your Explorer and press Enter to access the directory).
  3. Delete all suspicious files you find there.
  4. Remove ВАШИ ФАЙЛЫ ЗАШИФРОВАНЫ.txt dropped on your computer.
  5. Empty Recycle bin.
Download Spyware Removal Tool to Remove* Zlocker Ransomware
  • Quick & tested solution for Zlocker Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.