Computers on Focus - Online Security Guide

03:47 PM
20 April 2024

Locky Ransomware Virus Keeps on Raging

What is Locky Ransomware?

Locky is a ransomware virus. The virus encrypts files and asks for a ransom payment to unlock them. The name Locky comes from the extension which this ransomware sets to encrypted files – namely .locky. Here you can find a detailed description of the Locky virus.

When it first appeared, the virus encrypted document file types, but it has grown and now encrypts many more file types. To see how you can perform a complete removal of this troubling ransomware, read the entire article.

What Does Locky Ransomware Do?

Once Locky ransomware infects a computer, it creates new values in the Windows Registry so that it loads with every Windows start. Most modifications are located in the following registry entry:

HKLM/Software/Microsoft/Windows/CurrentVersion/Run/

The virus then creates the file _Locky_recover_instructions.txt, which contains a ransom note with instructions on how to pay the ransom. The message states:

!!! IMPORTANT INFORMATION !!!!

All files are encrypted with RSA-2048 and AES-128 ciphers.
More information about RSA and AES can be found here:
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Decryption of the files is only possible with the private key and decryption program, all of which is on our secret server.
To receive the private key, follow one of the links:
1. hxxp: //6dtxgqam4crv6rr6.tor2web(.)org/[mixed letters and numbers]
2. hxxp: //6dtxgqam4crv6rr6.onion(.)to/[mixed letters and numbers]
3. hxxp: //6dtxgqam4crv6rr6.onion(.)cab/[mixed letters and numbers]
4. hxxp: //6dtxgqam4crv6rr6.onion(.)link/[mixed letters and numbers]

If all of these addresses are not available, follow synthesis steps:
1. Download and install Tor Browser: https://www.torproject.org/download/download-easy(.)html
2. After a successful installation, run the browser and wait for initialization.
3. Type in the address bar: 6dtxgqam4crv6rr6(.)onion/[mixed letters and numbers]
4. Follow the instructions on the site.

!!! Your personal identification ID: [mixed letters and numbers] !!!

Locky ransomware will mainly encrypt document and text files, although later variants encrypt other file types as well. The files it searches for to encrypt have the following extensions:

→.xhtml, .txt, .xls, .xlsx, .xml, .docx, .html, .js, .mdb, .odt, .asc, .conf, .msg, .rtf, .cfg, .cnf, .pdf, .php, .ppt, .pptx, .doc, .docm, .log, .pap, .info, .gdoc, .asp, .jsp, .json, .sql

This is not a complete list, as the virus continues to evolve. After encryption, all files have the extension .locky appended to them. The encryption algorithm is RSA – one of the strongest military encryptions.
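
As an added example (not code from the original article), the following Python script triages a directory tree for the two file indicators named above, the ransom note file name and the .locky extension, and counts files with the listed target extensions that are still unencrypted. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import defaultdict

# Indicators taken from the article; compared case-insensitively.
NOTE_NAME = "_locky_recover_instructions.txt"  # ransom note file name
ENC_EXT = ".locky"                             # extension set on encrypted files
# Target extensions listed in the article (the article notes it is incomplete).
TARGET_EXTS = set(
    ".xhtml .txt .xls .xlsx .xml .docx .html .js .mdb .odt .asc .conf .msg .rtf "
    ".cfg .cnf .pdf .php .ppt .pptx .doc .docm .log .pap .info .gdoc .asp .jsp "
    ".json .sql".split()
)

def scan(root):
    """Return {directory: counts} for directories holding relevant files."""
    report = defaultdict(lambda: {"notes": 0, "encrypted": 0, "at_risk": 0})
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            lower = name.lower()
            ext = os.path.splitext(lower)[1]
            if lower == NOTE_NAME:       # check first: the note is itself a .txt
                report[dirpath]["notes"] += 1
            elif ext == ENC_EXT:
                report[dirpath]["encrypted"] += 1
            elif ext in TARGET_EXTS:     # targeted type that is still readable
                report[dirpath]["at_risk"] += 1
    return dict(report)

def affected_dirs(report):
    """Directories that contain a ransom note or at least one .locky file."""
    return sorted(d for d, c in report.items() if c["notes"] or c["encrypted"])

def build_sample_tree(root):
    """Constructed sample data: one affected directory and one clean one."""
    for rel in ("docs/sample1.locky", "docs/_Locky_recover_instructions.txt",
                "docs/notes.txt", "clean/budget.xlsx", "clean/app.exe"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        rep = scan(tmp)
        for d in affected_dirs(rep):
            print(d, rep[d])
```

A non-zero "at_risk" count in an affected directory means targeted files there were not yet encrypted when the scan ran, which helps scope what still needs to be backed up or isolated.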

Can You Remove Locky Ransomware?

Locky is one of the biggest and most widespread ransomware families. It is not easy to remove it yourself, as it can keep creating and replicating its own files if not completely removed. This is why it is recommended to get a reliable anti-malware program. All unwanted files will be removed quickly and easily. In addition, the program will prevent any future threats from getting on your computer. That way you will be certain your system and data are safe.
