PTRZ ransomware restricts access to files by encrypting them. Encrypted files have the “.PTRZ” extension and cannot be opened. It demands ransom payment in Bitcoin to decrypt files.
In October 2023, some PC users reported being attacked by PTRZ ransomware. PTRZ is a variant of STOP Djvu ransomware distributed by cybercriminals.
PTRZ encrypts only the first 150KB of files. You may try recovering encrypted files using file recovery tools. The less time passed, the more chance of recovery.
Emsisoft created a free PTRZ File Decrypt Tool called Stop (djvu) Decryptor. It decrypts files encrypted with an offline key. Files encrypted with an online key cannot yet be decrypted. Only PTRZ creators have the online key.
When infected, PTRZ scans for files like images, videos and documents. It encrypts them to extort money as “ransom” in Bitcoin.
Encrypted files have a distinct .ptrz extension appended. This identifies the ransomware infection.
PTRZ leaves a readme.txt file claiming to have decryption instructions. These are false promises to trick victims into paying.
PTRZ uses the Salsa20 encryption algorithm to scramble file contents. Encrypted files cannot be opened by any programs.
It demands $980 in Bitcoin to unlock your data. Do not pay, as that funds illegal activity and does not guarantee decryption.
PTRZ is sophisticated malware employing encryption to lock users out of files. The ransom amount demanded varies depending on the variant.
Panzura CloudFS