How to remove Locky Ransomware and decrypt .locky, .zepto, or .odin files

What is Locky Ransomware?

Locky Ransomware is a recently appeared example of ransomware. The malware cyphers the files with AES encryption code and later on demands ransom in the sum of 0.5 BitCoins in the exchange for the decryption key. In a while, it operates in a way other ransomware threats doit appears on a systems and looks for files of certain extensions. As some other ransomware viruses, Locky changes names of encrypted files for making the process of retrieving the data more difficult. The main peculiarity of the ransomware is the ability to encrypt the wider range of files and to affect the files shared within unmapped networks. The practice of ransomware scanning the networks not connected with local drives becomes common for new ransomware threats, so for raising the level of security those should be given the most heavy permissions.

Locky ransomware

How Locky Ransomware got installed on your computer

The distribution of Locky ransomware simmers down to spam emailing. The messages contain the attachment of a Word document that has a harmful macros. The subject of the emails reads the number of invoice with the appeal to see the attachment. The email persuades users that they have taxes to be paid by the invoice that can be found in attachments. By opening the file a user will see a codified text and a notification that in order to read the text a user should enable the macros. Predictably, turning on the macros initiates a download of Locky Ransomware files.


Symptoms of Locky Ransomware infection

É difícil não notar ransomware, uma vez que muitas vezes tem um dos processos responsável por exibir uma mensagem de notificação. Esta janela bloqueia a tela deixando as alternativas mínimas de usuário. além de, alguns arquivos ficarão inacessíveis, como em muitos casos ransomware criptografa-los para exasperar o efeito assustar.


How to remove Locky Ransomware?

Para certificar-se de que o adware não reaparecerá, you need to delete Locky Ransomware completely. Para isso, você precisa remover os arquivos e entradas do Registro do ransomware. Devemos avisá-lo que a realização de alguns dos passos pode exigir habilidades acima da média, por isso, se você não se sente experiente o suficiente, você pode aplicar a ferramenta de remoção automática.
Norton download grátis

Performing an antimalware scan with Norton would automatically search out and delete all elements related to Locky Ransomware. It is not only the easiest way to eliminate Locky Ransomware, mas também o mais seguro eo mais assegurando.

Steps of Locky Ransomware manual removal

Reinicie o Windows em modo de segurança

Para Windows 7, 8, XP and Vista:

  1. Restart the system
  2. While computer is rebooting press F8 several times
  3. In the appeared list of options choose Safe Mode

Para Windows 10:

  1. In the Start menu click on the power button
  2. Hold Shift and choose Restart
  3. Choose Troubleshoot
  4. In the Advanced Options choose Startup Settings
  5. Click Restart
  6. Select Enter Safe Mode With Networking

Delete files and registry entries added by Locky Ransomware

Agora você vai ser capaz de atingir as funções e arquivos necessários. Para eliminar a actividade ransomware, você precisa encontrar todos os seguintes itens e excluí-los.

Remove Locky Ransomware files and folders:

MRI6219316107.js
problem.437332391.js
_Locky_recover_instructions.bmp.lnk

Remove Locky Ransomware registry entries:

HKCU\Software\Locky
HKCU\Software\Locky\id
HKCU\Software\Locky\pubkey
HKCU\Software\Locky\paytext
HKCU\Software\Locky\completed 1
HKCU\Control Panel\Desktop\Wallpaper "%UserProfile%\Desktop\_Locky_recover_instructions.bmp"


Restore the files encrypted by Locky Ransomware

Use a ferramenta descriptografar

Infelizmente, currently the tool able to decrypt the files infected by Locky Ransomware is not released yet. Você pode tentar aplicar com os métodos descritos abaixo, Contudo, they might not work with the latest versions of Locky Ransomware.

Restaurar o sistema

  1. Initiate the search for ‘system restore
  2. Clique sobre o resultado
  3. Choose the date before the infection appearance
  4. Siga as instruções na tela

Rolar os arquivos de volta para a versão anterior

  1. Right-click the file and choose Properties
  2. Open the Previous Version tab
  3. Select the latest version and click Copy
  4. Click Restore

Deixe uma resposta

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *