User Tag List

Ransomware

This is a discussion on Ransomware within the Resolved HJT Threads forums, part of the Tech Support Forum category. I believe my computer has been infected with ransomware called Locky. It has encrypted all of my Word files, and


 
 
Thread Tools Search this Thread
Old 11-28-2016, 03:51 PM   #1
Registered Member
 
benro's Avatar
 
Join Date: Jan 2012
Location: The ATX
Posts: 152
OS: Windows 7 Pro (SP 1)



I believe my computer has been infected with ransomware called Locky. It has encrypted all of my Word files, and there's a ransom note. I have no intention of paying the blackmailers, and am hoping someone here might know how to deal with the problem. There are companies purporting to have remedies, but I have no idea whether or not any of them are effective, or not. Any help will be appreciated. Here are screenshots of the .doc properties, the page identifying the malware, and the ransom note. Thanks in advance.
Attached Thumbnails
Click image for larger version

Name:	WordFail.jpg
Views:	24
Size:	105.3 KB
ID:	296801   Click image for larger version

Name:	LockyID.jpg
Views:	30
Size:	219.8 KB
ID:	296809   Click image for larger version

Name:	RansomNote.jpg
Views:	31
Size:	187.1 KB
ID:	296817  

benro is offline  
Sponsored Links
Advertisement
 
Old 11-28-2016, 07:40 PM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



ID Ransomware - Identify What Ransomware Encrypted Your Files - Ransomware Help & Tech Support
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 11-29-2016, 06:32 PM   #3
Registered Member
 
benro's Avatar
 
Join Date: Jan 2012
Location: The ATX
Posts: 152
OS: Windows 7 Pro (SP 1)



Thanks for the link - I've been to this site (see middle the screen shot in my initial post above) and the ransomware has been identified as Locky. So now I'm looking for someone who can help me decrypt my files without paying ransom to the blackmailer. Any info on Locky will be appreciated.
benro is offline  
Sponsored Links
Advertisement
 
Old 12-04-2016, 08:30 AM   #4
Registered Member
 
benro's Avatar
 
Join Date: Jan 2012
Location: The ATX
Posts: 152
OS: Windows 7 Pro (SP 1)



BUMP please
benro is offline  
Old 12-04-2016, 06:23 PM   #5
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Try this method:

https://www.bleepingcomputer.com/tut...hadow-explorer

If not successful, unfortunately, there is no current way to decrypt the files.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Fantom Ransomware Encrypts your Files while pretending to be Windows Update
Fantom Ransomware Encrypts your Files while pretending to be Windows Update
JMH3143 Computer Security News 0 08-26-2016 09:09 PM
Trend Micro Ransomware Screen Unlocker Tool
Trend Micro Ransomware Screen Unlocker Tool - gHacks Tech News
JMH3143 Computer Security News 0 08-21-2016 09:23 PM
New strain of ransomware evades detection by AV apps
New strain of ransomware evades detection by AV apps - TechRepublic
JMH3143 Computer Security News 0 08-07-2013 04:15 PM
Data encryption adds twist to ransomware
A new version of the well-known police ransomware takes the unusual step of encrypting files on the infected PC, so the malware cannot be easily removed. The ransomware warns victims that they have committed a crime, such as downloading pirated software, and their computers will remain locked...
Glaswegian Computer Security News 0 01-31-2013 02:02 PM
Police-themed ransomware speaks to victims -- literally
A new variant of a Trojan program called Reveton that prevents victims from using their computers and displays rogue messages from law enforcement agencies is using localized voice messages to trick victims into paying made-up fines, according to researchers from antivirus vendor Trend Micro. ...
Glaswegian Computer Security News 2 12-11-2012 05:12 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 09:51 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts