Bozq ransomware (or .bozq virus) is file-encrypting malware. It is one of the most recent versions of the infamous Djvu/STOP ransomware. It will encrypt all personal files and add .bozq to them. You will not be able to open files with this extension unless you first use a decryptor on them. The malicious actors will try to offer you a decryptor for $980, but before you pay, you need to consider all the risks.


Bozq ransomware  note


Photos, videos, documents, and other personal files are the most targeted file types. The encrypted files will be easy to recognize because of the .bozq extension. For instance, image.jpg would become image.jpg.bozq if encrypted. No files with this extension can be opened unless they’re first decrypted. However, obtaining the decryptor won’t be easy given that only cybercriminals have it. The _readme.txt ransom note that is dropped in every folder containing encrypted files explains how you can get it.

Bozq ansomware files

The Bozq ransomware decryptor costs $980, according to the ransom note. The note also mentions that victims who get in touch with cyber criminals within the first 72 hours will supposedly get a 50% discount. Whether or not that is true, paying the ransom is not necessarily a good idea. The thing about ransomware operators is that while they like to pretend they work like a regular business, they do not. You have no guarantees that a decryptor will be sent to you after you pay the ransom. Many victims in the past have not received their decryptors after paying ransomware operators. So while whether to pay or not is your decision, you need to be aware of the risks.

Without a backup, Bozq ransomware victims will likely not be able to recover their files because there is presently no free Bozq ransomware decryptor available. The Djvu/STOP ransomware family encrypts files using online keys, thus each victim has a different key. You would need to have your unique key for a decryptor to work on your files. However, since only the malware operators have those keys, it is unlikely that a free Bozq ransomware decryptor would ever be available. There is a possibility that the keys could eventually be released if the malicious actors ever decide to stop their malicious operations or if they are ever apprehended by authorities.

We also feel it’s important to caution you about fake ransomware decryptors. There are numerous questionable forums and websites that promote fake decryptors to trick users into installing more malware. If a free decryptor cannot be found on NoMoreRansom or another reputable source, you will not find a legitimate free Bozq ransomware decryptor anywhere else.

If you have a backup of your files, you can access it to start file recovery as soon as you remove Bozq ransomware from your computer. Bozq ransomware is a sophisticated infection that should not be removed manually unless you are fully confident in your abilities. It’s generally recommended to use anti-virus software to remove Bozq ransomware.

Ransomware distribution methods

If you have bad online habits, you’re much more likely to infect your computer with malware. Simple actions like opening an email attachment could result in a malware infection so developing better habits is the best line of defense against malware.

Emails are often used by cybercriminals to distribute malware. Cybercriminals attach malicious files to emails and send them to addresses bought from various hacker forums. If users open those attached files, they end up infecting their devices with the malware that’s hiding in them. Fortunately, the emails are often quite poorly done, allowing users to identify them without much issue. Grammar and spelling mistakes are often the most glaring red flag in these emails. The mistakes are especially obvious in emails whose senders claim to be from legitimate companies (e.g. banks, post offices, parcel delivery companies). Legitimate emails are unlikely to have any mistakes because they look very unprofessional. Since malicious actors are often non-native English speakers, mistakes are inevitable.

Another warning sign is when you get emails supposedly from a company whose services you use, but they refer to you as “User”, “Member”, or “Customer” rather than using your name. To make emails feel more personal, companies address their customers by their names. However, criminal actors use generic words because they typically target many users at once and do not have access to their personal information.

Threat actors would generate significantly more sophisticated malicious emails if they were to target a specific person and had access to some of their personal data. Such an email would have no mistakes, use the target’s name when addressing them, and include a detail(s) that would give the email more credibility. Therefore, before opening any unsolicited email attachments, it is strongly recommended to scan them with anti-virus software or VirusTotal.

And finally, torrents are commonly used to spread malware. Because torrent sites are often poorly moderated, torrents with malware can be posted on them. In particular, using torrents to get free copyrighted content significantly raises your risk of encountering malware. The majority of malware is typically found in entertainment-related torrents, especially those for video games, movies, and TV shows. So not only is torrenting copyrighted content theft, but it’s also dangerous.

How to remove Bozq ransomware

Bozq ransomware is a sophisticated infection, therefore manual removal is not a good idea. If you don’t know what you’re doing, you could damage your computer even more. It’s a difficult process that should be left to a program that’s designed to deal with such threats. It is far easier, not to mention safer to remove Bozq ransomware with anti-virus programs. Once the ransomware has been completely removed from the computer, you can safely access your backup and start restoring your files.

If you don’t have backup copies of your files, your only option is to wait for a free Bozq ransomware decryptor to be made available. A free Bozq ransomware decryptor is not guaranteed but that is your only option. Back up the encrypted files and check NoMoreRansom for a decryptor from time to time.

Bozq ransomware is detected as:

  • Win32:DropperX-gen [Drp] by Avast/AVG
  • Trojan.Generic.32025745 by BitDefender
  • Trojan.MalPack.GS by Malwarebytes
  • A Variant Of Win32/Kryptik.HRKH by ESET
  • HEUR:Trojan.Win32.Chapak.gen by Kaspersky
  • Trojan:Win32/Redline.VIS!MTB by Microsoft

Bozq ransomware detections

Quick Menu

Step 1. Delete Bozq ransomware using Safe Mode with Networking.

Remove Bozq ransomware from Windows 7/Windows Vista/Windows XP
  1. Click on Start and select Shutdown.
  2. Choose Restart and click OK. Windows 7 - restart
  3. Start tapping F8 when your PC starts loading.
  4. Under Advanced Boot Options, choose Safe Mode with Networking. Remove Bozq ransomware - boot options
  5. Open your browser and download the anti-malware utility.
  6. Use the utility to remove Bozq ransomware
Remove Bozq ransomware from Windows 8/Windows 10
  1. On the Windows login screen, press the Power button.
  2. Tap and hold Shift and select Restart. Windows 10 - restart
  3. Go to Troubleshoot → Advanced options → Start Settings.
  4. Choose Enable Safe Mode or Safe Mode with Networking under Startup Settings. Win 10 Boot Options
  5. Click Restart.
  6. Open your web browser and download the malware remover.
  7. Use the software to delete Bozq ransomware

Step 2. Restore Your Files using System Restore

Delete Bozq ransomware from Windows 7/Windows Vista/Windows XP
  1. Click Start and choose Shutdown.
  2. Select Restart and OK Windows 7 - restart
  3. When your PC starts loading, press F8 repeatedly to open Advanced Boot Options
  4. Choose Command Prompt from the list. Windows boot menu - command prompt
  5. Type in cd restore and tap Enter. Uninstall Bozq ransomware - command prompt restore
  6. Type in rstrui.exe and press Enter. Delete Bozq ransomware - command prompt restore execute
  7. Click Next in the new window and select the restore point prior to the infection. Bozq ransomware - restore point
  8. Click Next again and click Yes to begin the system restore. Bozq ransomware removal - restore message
Delete Bozq ransomware from Windows 8/Windows 10
  1. Click the Power button on the Windows login screen.
  2. Press and hold Shift and click Restart. Windows 10 - restart
  3. Choose Troubleshoot and go to Advanced options.
  4. Select Command Prompt and click Restart. Win 10 command prompt
  5. In Command Prompt, input cd restore and tap Enter. Uninstall Bozq ransomware - command prompt restore
  6. Type in rstrui.exe and tap Enter again. Delete Bozq ransomware - command prompt restore execute
  7. Click Next in the new System Restore window. Get rid of Bozq ransomware - restore init
  8. Choose the restore point prior to the infection. Bozq ransomware - restore point
  9. Click Next and then click Yes to restore your system. Bozq ransomware removal - restore message


More information about SpyWarrior and Uninstall Instructions. Please review SpyWarrior EULA and Privacy Policy. SpyWarrior scanner is free. If it detects a malware, purchase its full version to remove it.

  • WiperSoft Review Details WiperSoft ( is a security tool that provides real-time security from potential threats. Nowadays, many users tend to download free software from the Intern ...

  • Is MacKeeper a virus? MacKeeper is not a virus, nor is it a scam. While there are various opinions about the program on the Internet, a lot of the people who so notoriously hate the program have neve ...

  • While the creators of MalwareBytes anti-malware have not been in this business for long time, they make up for it with their enthusiastic approach. Statistic from such websites like CNET shows that th ...


Site Disclaimer is not sponsored, owned, affiliated, or linked to malware developers or distributors that are referenced in this article. The article does not promote or endorse any type of malware. We aim at providing useful information that will help computer users to detect and eliminate the unwanted malicious programs from their computers. This can be done manually by following the instructions presented in the article or automatically by implementing the suggested anti-malware tools.

The article is only meant to be used for educational purposes. If you follow the instructions given in the article, you agree to be contracted by the disclaimer. We do not guarantee that the artcile will present you with a solution that removes the malign threats completely. Malware changes constantly, which is why, in some cases, it may be difficult to clean the computer fully by using only the manual removal instructions.

Leave a Reply