Locky

Locky Ransomware Removal

Locky is a relative newcomer in the RansomWare world. First detected in 2016 it is often delivered via email with a Microsoft Word attachment claiming to be an invoice. The attachment, if downloaded and opened by the user can infect the device by virtue of malicious macros. The document appears to be a garbled collection of information and the user is advised to “enable macro if data encoding ins incorrect”. Once this is enabled by the user the macro generates a binary file that then downloads the actual trojan which then encrypts files.

Encryption doesn’t stop with your normal files, it will also encrypt your BitCoin wallet if you have one. It will encrypt Windows WSS (Windows SnapShot) files. WSS files are a means of backing up files while you are working on them without the need to quit the application or log out.

This trojan, though relatively new, has infected a great deal of systems. most notably the Hollywood Presbyterian Medical Center. Who was forced to pay an astounding $17,000 in Bitcoins for ransom in order to obtain the decryption key.

ransomrescue Locky removal

RansomRescue Advice

It is strongly advised that you do not pay any ransom demand. But instead contact RansomRescue immediately. When paying these ransoms, people and businesses are inadvertently sustaining this unscrupulous business models (yes RansomWare has become a business model!) and allowing them to flourish and continue infecting and disrupting the business world.

ransomerescue-lock-icon

Don't Take Any Chances - We Can Help You!

IMPORTANT: IMMEDIATELY POWER YOUR COMPUTER OR DEVICE OFF, AND DISCONNECT IT FROM ANY INTERNET OR ROUTER CABLES IF NOT CONNECTED VIA WIRELESS. THIS WILL HELP KEEP OTHER DEVICES ON YOUR NETWORK FROM BEING INFECTED IF NOT ALREADY.

Contact Us Today!

Email Address:*
Phone Number:*
Company Name:
Address:
State:*
Infected Hardware:*
Heard About Us From:*