How to remove Locky ransomware virus

Today we would be talking about how to remove Locky Virus. This Locky File Encryption malware belongs to a group of viruses called ransomware and also crypto lockers. Fact about this virus is that it uses symmetric blocking encryption algorithm with 128-bit lock, it is also known as AES-128 or even Rijndael. The US government uses this algorithm to protect its top secret data, and for this to be broken without a key requires a hundred of years with the most powerful computers on Earth. As you can see, it’s almost not possible to decrypt files, so most users will prefer to pay, and not trying to find another possible solution. The aim of the article is to remove Locky virus.

How The Locky Virus works

Modus operandi of these viruses is very simple, and it is proven to have been working well for decades ever since the invention of the internet. A crypto locker crawls into your computer and begins encrypting your files. It depends on the size of your HDD and the amount of information stored on it, and the encryption may take hours or even days. If you have noticed the significant decrease of your system’s performance, then that should be the signals of the encryption process. Encryption takes lots of resources, both the memory, and CPU and it can be easily tracked. If your computer works really poor unlike before, you can check the Task Manager to see the process that causes it. Usually, these malicious programs are always acting stealthily to impersonate the Windows programs and services. Next time when you see two processes with the same name in the Task Manager, the one which consumes the majority of CPU space, shut it down and remove all associated files. If you don’t react on time, the crypto locker will carry out its work and will send you a message demanding ransom at the end of the day.


So you get this message, and locky extensions were added to all your files. It may look as if it was made in the oldest text editor or consist of the counter which measures the time file deletion is done. These tools are used to intimidate the user or surprisingly take him. There is one fact you should always remember, do not give any money to hackers! There are many reasons for this. Firstly, there is no assurance that your files will be restored. Seriously, there is no any confidence in them as they may just collect your money say you "goodbye!" without any risk. Secondly, not only do viruses come alone. Certainly there is crypto-locker, and you may also have a keylogger, Trojan and dozens of other malware. Scammers already have your files with them, but if you are to make a payment with your infected system that means you are giving them your bank details too. So if your decision is to pay kindly do this from a more secured place. Lastly, every bitcoin you send to hackers assists them to develop their business further.


How to remove Locky Virus from your system

All experts in the IT security field conclude on one thing, and you should only pay after you have tried all possible means you know to get rid of the virus and if only encrypted files are worth more than the amount you are required to pay. The only 100% effective method to clean Locky Virus and restore your data at the same time is to do a backup of your system. Anyway, you need to clean the virus before doing a backup for your computer to ensure that your system is not at risk.

Step 1. Boot into Safe mode

Safe mode

Start -> Msconfig.exe

Safe mode. Step 1

On the tab Boot select Safe boot

Safe mode. Step 2

Step 2. Check Startup folder

Start -> Msconfig.exe ->Disable unknown programs in the Startup tab


Step 3. Check hosts file

Modify hosts file, that located in C:\Windows\System32\drivers\etc\ .

Hosts file.Step 1

Open the file with Notepad and delete suspicious strings.

Hosts file.Step 2

It has to look like this:

Hosts file.Step 3

Step 4. Scan the system with antiviral scanner

Manual cleaning requires some skills and experience, if you are a practiced user you can do it faster. In case it 's hard for you, then you can try the automatic way. You only just need to download the anti-virus software that will remove the Locky Virus from your computer. The software which we recommend is called SpyHunter, it will perfectly remove Locky Virus and any other malware that gets into your computer from the web.

Special Offer

Antivirus scanner

Why we recommend SpyHunter antimalware

Detects most kind of threats: malicious files and even registry keys of malware will be found

Protects your system in the future

24/7 free support team

SpyHunter's scanner is only for malware detection. If program detects infected elements on the computer, you will need to purchase malware removal tool for $39,99 to delete threats. SpyHunter has Free Trial for one remediation and removal, subject to a 48-hour waiting period. Uninstall steps and additional information EULA , Privacy Policy and Threat Assessment Criteria.

bwd  Instructions 1/2  fwd

Step 5. Disable Safe mode

Start -> Msconfig.exe ->Disable Safe boot in the Boot tab

Deactivate Safe mode

This website uses cookies to improve your experience. If you continue using the site, we will assume that you accept our cookies policy.