What is SZ40 Ransomware
Today we will talk in detail about SZ40 cryptographer extortionists. This cryptovirus encrypts user files of various formats, including video, audio, archives, and more. What a similar threat, it encrypts files with an algorithm and changes their extension to .SZ40 or .DATAWAIT. This cryptovirus appeared at the end of October 2020. Like many other crypto viruses, SZ40 Ransomware comes through unsafe network settings. This is due to the fact that users very rarely use antivirus software. Moreover, it can come in the form of a position in the spam mailing list or as an update for any program or OS. It is focused mainly on English-speaking users, However, recently, it has already spread throughout the world.
Like similar threats, it creates a special ***.html file that contains information about redemption and payment methods. Here is this file:
.sz40
Good day!
We have download and encrypted all your company files!
We did this using hybrid RSA-2048 public key encryption. It basically means there is no way to decrypt your files without the private key. The private key is stored on our server.
Indeed, we can recover your files. You just have to pay us before the deadline.
If you don’t, the private key will be securely erased from our server, you lose encrypted files forever and we will publish all the contents of your company includes client’s databases with personal data on the internet.
Transfer required amount to the Bitcoin address below, wich was generated just for your payment. As soon as the transaction gets confirmed, leave your contact mail to http://wml7e7kg5a6lto2aeomtjzx4lquala75xsbkumjeyd4fselxp6s2lxad.onion/index.php (it’s Tor site, use Tor Browser https://www.torproject.org/download/) to get instructions and key to restore all your files.
WARNING! Antivirus software, police or anyone can’t decrypt your files. Also any attemps to modify files may damaged them and even we won’t be able to recover them.
Bitcoin walet:
***
Amount:
50 Btc
Deadline:
11/03/2020
Fraudsters demand a ransom of 50 BTC for decryption. Of course, this is a trick. You do not need to pay anyone. Below you can find the options for decrypting files and remove SZ40 Ransomware.
Well, there are 2 options for solving this problem. The first is to use an automatic removal utility that will remove the threat and all instances related to it. Moreover, it will save you time. Or you can use the Manual Removal Guide, but you should know that it might be very difficult to remove SZ40 ransomware manually without a specialist’s help.
If for any reason you need to Recover deleted or lost files, then check out our article Top 5 Deleted File Recovery Software
SZ40 Removal Guide
Remember that you need to remove SZ40 Ransomware first and foremost to prevent further encryption of your files before the state of your data becomes totally useless. And only after that, you can start Recovering your files. Removal must be performed according to the following steps:
- Download SZ40 Removal Tool.
- Remove SZ40 from Windows (7, 8, 8.1, Vista, XP, 10) or Mac OS (Run system in Safe Mode).
- Restore .SZ40 files
- How to protect PC from future infections.
How to remove SZ40 ransomware automatically:
SpyHunter malware removal tool may help you to get rid of this virus and clean up your system. In case you need a proper and reliable antivirus, we Recommend you to try it.
If you’re Mac user – use this.
Manual SZ40 ransomware Removal Guide
Here are step-by-step instructions to remove SZ40 from Windows and Mac computers. Follow these steps carefully and remove files and folders belonging to SZ40. First of all, you need to run the system in a Safe Mode. Then find and remove needed files and folders.
Uninstall SZ40 from Windows or Mac
Here you may find the list of confirmed related to the ransomware files and registry keys. You should delete them in order to remove virus, however it would be easier to do it with our automatic removal tool. The list:
no data at the moment
Windows 7/Vista:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to SZ40 by using Removal Tool;
- Delete found files;
Windows 8/8.1:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to SZ40 by using Removal Tool;
- Delete found files;
Windows 10:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to SZ40 by using Removal Tool;
- Delete found files;
Windows XP:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to SZ40 by using Removal Tool;
- Delete found files;
Mac OS:
- Restart the computer;
- Press and Hold Shift button, before system will be loaded;
- Release Shift button, when Apple Recoo appears;
- Find programs or files potentially related to SZ40 by using Removal Tool;
- Delete found files;
How to restore encrypted files
You can try to restore your files with special tools. You may find more detailed info on data Recovery software in this article – Recovery software. These programs may help you to restore files that were infected and encrypted by ransomware.
Restore data with Stellar Data Recovery
Stellar Data Recovery is able to find and restore different types of encrypted files, including removed emails.
- Download and install Stellar Data Recovery
- Choose drives and folders with your data, then press Scan.
- Select all the files in a folder, then click on Restore button.
- Manage export location. That’s it!
Restore encrypted files using Recuva
There is an alternative program, that may help you to Recover files – Recuva.
- Run the Recuva;
- Follow instructions and wait until scan process ends;
- Find needed files, select them and Press Recover button;
How to prevent ransomware infection?
It is always rewarding to prevent ransomware infection because of the consequences it may bring. There are a lot of difficulties in resolving issues with encoders viruses, that’s why it is very vital to keep a proper and reliable anti-ransomware software on your computer. In case you don’t have any, here you may find some of the best offers in order to protect your PC from disastrous viruses.
Malwarebytes
SpyHunter is a reliable antimalware removal tool application, that is able to protect your PC and prevent the infection from the start. The program is designed to be user-friendly and multi-functional.