How to remove LockyLocker Ransomware and decrypt .locky files

What is LockyLocker Ransomware?

LockyLocker Ransomware logo

LockyLocker Ransomware is a dangerous virus that encodes user data for blackmail purposes. Hackers use spam emails with malicious attachments to spread LockyLocker Ransomware. Once it creeps into the system, LockyLocker urgently launches encryption process in stealth mode, the culmination of which will be the loss of data. No, your files are not deleted, but they become unreadable. In case if you have been attacked by LockyLocker Ransomware, there is no need to contact cybercriminals and to make any concessions. Remember, you are up against fraudsters who don’t care about your files and whose the main purpose is to make a profit. Hence, there is a high risk of being left without decryptor and money. Instead, you may try using this guide to remove LockyLocker Ransomware and decrypt .locky files without spending any money.

LockyLocker ransomware

The principle of work of the ransomware is always the same – to encrypt files and then to require payment. LockyLocker Ransomware uses combo 3DES (CBC mode, 16-byte CRNG’d pass) + RSA-2048 algorithms, with each infected file gets .locky extension. For example, file “myfamily.jpg” will turn into “myfamily.jpg.locky”. Once it’s done, ransomware creates LOCKY-README.txt file, where the user may find the demands of criminals to decrypt encrypted files. The text of ransom note is written in 4 languages: English, French, Korean, Italian.

Please be adviced:
All your files, pictures document and data has been encrypted with Military Grade Encryption RSA AES-256.
Your information is not lost. But Encrypted.
In order for you to restore your files you have to purchase Decrypter.
Follow this steps to restore your files.
1* Download the Tor Browser. ( Just type in google “Download Tor” ).
2* Browse to URL : xxxx://4wcgqlckaazugwzm.onion/index.php
3* Purchase the Decryptor to restore your files.
It is very simple. If you don’t believe that we can restore your files, then you can restore 1 file of image format for free.
Be aware the time is ticking. Price will be doubled every 96 hours so use it wisely.
Your unique ID : #uid
Please do not try to modify or delete any encrypted file as it will be hard to restore it.
You can contact support to help decrypt your files for you.
Click on support at xxxx://4wcgqlckaazugwzm.onion/support/

——–END BIT KEY———–

According to the ransom note, the payment is made in bitcoins through the Tor browser. This is the most popular way among criminals since it allows to stay invisible. A victim may also find demands of malefactors after visiting their web page (xxxx://4wcgqlckaazugwzm.onion/index.php):

LockyLocker ransomware site

The text on the payment website:

Unlock Your Files
In Minutes!

What Happends?
Your files are encrypted using Locky Locker.
You have a chance to restore your files by Downloading Locky Decryptor. And restore all your files.
Be aware that no other decryptor will work for you. You can try but remember price double every 96 hour. So act fast.

Although LockyLocker is a really dangerous virus, you still have a good chance to get them back. Before deciphering, you should first stay focused on removing LockyLocker Ransomware to avoid re-infection. Once LockyLocker Ransomware is removed, you can proceed with decryption.

How to remove LockyLocker ransomware?

To make sure that the ransomware won’t reappear, you need to delete LockyLocker ransomware completely. For this, you need to remove the files and registry entries of the ransomware. We should warn you that performing some of the steps may require above-average skills, so if you don’t feel experienced enough, you may apply to the automatic removal tool.

Download SpyHunter

Performing an antimalware scan with Norton would automatically search out and delete all elements related to LockyLocker ransomware. It is not only the easiest way to eliminate LockyLocker ransomware but also the safest and the most assuring one.

How to decrypt .locky files

Restore files with Stellar Data Recovery

Stellar Data Recovery is an essential tool in the fight against ransomware-type viruses that can recover encrypted files.

stellar data recovery tool

  1. Download Stellar Data Recovery and launch it
  2. Select the drive you want to recover and click START SCAN
  3. After scanning is finished, you are presented with a list of recoverable files found.
  4. Select the required files and click the Recover
Download Stellar Data Recovery

Decrypt files using our decryption service

You may try using our own service for decrypting files compromised by ransomware-type viruses. The analysis of data takes 3-5 days, after which, we will let you know whether it’s decryptable or not. Note: the service is paid, payment is charged only for decryption, the analysis is free. In order to use our service, you should fill out the form listed below.

Also, please add a log file, created on your PC:

  1. Click “Start” and type: “cmd.exe” in the search box
  2. Right-click “cmd.exe” and select “Run as administrator
  3. In command line, type or copy/paste following: dir C:\ /a/s > “%userprofile%\dirc.log”
  4. Find and attach the created “%userprofile%\dirc.log” file to the web form

Please attach encrypted text files according to the following conditions:

  1. number of files should not exceed 4;
  2. file size is not more than 8 megabytes;
  3. files must be from different folders;
  4. files must be unique.

Restore the system

  1. Initiate the search for system restore
  2. Click on the result
  3. Choose the date before the infection appearance
  4. Follow the on-screen instructions

Roll the files back to the previous version

  1. Right-click the file and choose Properties
  2. Open the Previous Version tab
  3. Select the latest version and click Copy
  4. Click Restore

If the above-mentioned methods didn’t help in eliminating the threat, then it’s better to rely on an automatic way of deleting LockyLocker Ransomware.

How to prevent ransomware infection

To prevent infection with ransomware-type viruses, you should have proper antimalware software. This method is convenient because it allows you to detect a virus before it penetrates, and therefore to avoid infection and the loss of all your data. It is capable of protecting not only home computers but also server systems in large organizations. Download antimalware program to secure your system and privacy.
Download SpyHunter

Leave a Reply

Your email address will not be published. Required fields are marked *