How to remove Zfdv ransomware

What is Zfdv ransomware

Zfdv is a new strain of the STOP/Djvu ransomware. For this reason, it is very similar to other ransomware programs in this family, such as Ribd or Ygkz. Ransomware, as you probably already know, is a class of illegal programs that make hackers money by encrypting files and asking for payment to decrypt them.
Zfdv in specific asks for $980, though the ransom note also states that victim who act quickly will get a 50% discount and will only have to pay $490. This, too, is typical for STOP/Djvu. Speaking of the ransom note, it is called “_readme.txt”, and is placed on the Desktop. For those that are interested in details, the image above contains the full text of the note – though once you’ve seen one STOP/Djvu ransom note, you’ve seen them all.
When Zfdv encrypts the files, is also changes the files’ extensions. Many ransomware programs do this, presumably to make it more evident to the victim that an attack has happened. The files Zfdv encrypts are given the extension .zfdv – hence the name.
The “good” thing about being infected with Zfdv is that STOP/Djvu is a well-known ransomware family that is relatively easy to get rid of. This article will explain how to remove Zfdv from your computer and how you can try to decrypt .zfdv files.

Scroll to top