Zzz12 Ransomware is a harmful malicious application whose entrance will bring only bad news. To be more specific, you will find your files completely encrypted if this infection enters your system, finds where you keep your personal data, and locks it with a strong encryption algorithm. Research conducted by specialists at 411-spyware.com has shown that Zzz12 Ransomware locks files with the AES-256 encryption algorithm and mainly targets such personal files as documents, music, and images. The ransomware infection has been developed to swindle users out of their money, but you should not be one of those victims who pay money to cyber criminals. There is nothing clever about sending money to crooks. Are you sure you will get the decryptor from crooks? If you are 100% sure that they will give it to you, you are very naïve. Cyber criminals might decide not to give it to you after they receive what they have always wanted – your money. Consider whether it is better to lose only those files that have been encrypted or both, i.e. money and files because this is what might happen to you if you decide to transfer a ransom.
It is hard not to notice the successful entrance of the ransomware infection because a bunch of files become inaccessible after its entrance. The same will happen if you encounter Zzz12 Ransomware. Also, you will find the CMD window opened on your Desktop when you launch the executable file of the ransomware infection, so if it has shown up on your screen out of the blue, this might be a sign that you have encountered malicious software. Zzz12 Ransomware will lock all your personal files, but it will not ruin Windows files, so your computer will continue working normally. All these files will be marked by appending the extension .zzz1 to them, so we are sure you will soon notice the changes applied and find out about the entrance of the ransomware infection. You should also find a .txt file containing a ransom note dropped on your computer – Notice.txt. The ransom note does not tell users much. They only find out that their files have been encrypted with the AES-256 algorithm, and they will have a chance to get them back if they send a message to firstname.lastname@example.org. The price will increase after 5 days, so if you are planning to purchase the decryptor, you should contact crooks ASAP. Of course, we hope that you will not pay a cent to malicious software developers. There is not much you can do if you are not going to purchase the decryptor – affected files can only be restored from a backup once the ransomware infection is removed.
Since Zzz12 Ransomware is not distributed actively and it is far from prevalent malicious software, we could not find much information about its distribution. According to researchers at 411-spyware.com, it is not very likely that cyber criminals have invented new ransomware distribution methods, so Zzz12 Ransomware should also be spread as an attachment in various spam emails. Emails holding malware might look legitimate at first glance, so be very careful in order not to fall into the cyber criminals’ trap. Our security specialists say that users should not download software from dubious websites too if they do not want to end up with harmful malware. Last but not least, they say that users should not surf the Internet if they do not have a trustworthy antimalware tool installed on their computers because they can quickly end up with harmful threats on their PCs.
If you could not prevent malicious software from entering the system and it has locked personal data on your computer, you must delete that infection ASAP so that no other files would be encrypted by malware. You will erase Zzz12 Ransomware by deleting two components that belong to it: its ransom note and the malicious file that launched the ransomware infection. Most probably, you will find it in the Downloads folder (%USERPROFILE%\Downloads) or somewhere on your Desktop (%USERPROFILE%\Desktop); however, if it happens that you cannot find it anywhere, you should let an automated malware remover help you find it.