
Locky Virus problems!!!!

rcook99

New Member
Well came down to use my computer and found the attached text file on my system. Does anyone have any idea on how to fix and remove it.
 

Attachments

  • image.jpg

Fred Weiss

Merchant Member
It looks like you've been hit with ransomware. Unless you have a complete, offsite backup, you may be forced to make a choice of paying them to unlock your files or lose access to the contents of that computer. From what I've heard and read, this isn't something that you will be able to remove.

Please keep us posted.
 

Techman

New Member
yes, this can be removed.
It will take a little work and some cunning ingenuity.

boot into safe mode
Reveal All Hidden Files and Folders.

and more steps to do.
such as cleaning all temp files. etc.
Use services and disable any unknown services.
Follow them to their folder and delete them etc..
But it can be done.



Many times this is not the actual Locky. It is another theft ware that can be easily defeated.
Good luck. When I ran the repair shop I would charge about 400 to attempt to remove this maggot...


Use Google or go to some of the antivirus sites and see what they say.

Also look at majorgeeks site. They are usually very good at helping.


look for Recuva on the web, it is a removal tool
 

Kottwitz-Graphics

New Member
Wow, that's crazy. It's weird that they give you a link to go to a browser that is capable of going into the dark web. (Since my wife and I watch CSI Cyber, and all the talk of the dark web, which I took as tv hype, is actually real... I started reading on it and found out about a couple of browsers that can get you there. Not that I have any interest in going to the dark web...)

Let us know how this plays out...
 

rcook99

New Member
Just an update: we are running Recuva and still waiting to see how it's gonna turn out. It appears to have recovered the files but hope to have more information in the next couple days as to the final turnout.
 

jfiscus

Rap Master
We got the real deal a couple years ago. ALL of our networked computers got hosed. Luckily we had an offsite backup with a local backup there.
Our NAS got it and even our nightly online off-site backup got corrupted when it mirrored all of our corrupted files here overnight...
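
The failure described in the post above, a nightly mirror copying encrypted files over the good backup, can be stopped by a check that runs before the mirror job. The following is an added example, not part of the thread; the function names `scan` and `safe_to_mirror`, the thresholds and the sample files are assumptions made for illustration.

```python
import math
import os
from collections import Counter

SAMPLE_BYTES = 64 * 1024   # assumption: the first 64 KiB is enough to judge a file
ENTROPY_LIMIT = 7.5        # bits per byte; encrypted data sits close to 8.0
MAX_SUSPECT_RATIO = 0.20   # assumption: block the job above 20% of the known files

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan(root: str) -> dict:
    """Map each file under root to (size, mtime_ns, high_entropy)."""
    manifest = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            st = os.stat(path)
            with open(path, "rb") as fh:
                head = fh.read(SAMPLE_BYTES)
            manifest[os.path.relpath(path, root)] = (
                st.st_size, st.st_mtime_ns, shannon_entropy(head) > ENTROPY_LIMIT)
    return manifest

def safe_to_mirror(previous: dict, current: dict):
    """Return (ok, suspects). ok is False when too many new or changed files
    look encrypted compared with the manifest saved after the last good backup."""
    if not previous:                       # first run: nothing to compare against
        return True, []
    changed = [p for p, meta in current.items() if previous.get(p) != meta]
    # Compressed formats (JPEG, ZIP) are high-entropy too, so one or two hits
    # are normal; a large share of the tree changing at once is not.
    suspects = sorted(p for p in changed if current[p][2])
    return len(suspects) / len(previous) <= MAX_SUSPECT_RATIO, suspects

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as root:       # constructed sample tree
        for i in range(10):
            with open(os.path.join(root, f"job{i}.txt"), "w") as fh:
                fh.write("customer order line\n" * 200)
        before = scan(root)
        for i in range(6):                            # stand-in for encrypted files
            with open(os.path.join(root, f"job{i}.txt"), "wb") as fh:
                fh.write(os.urandom(4096))
        print(safe_to_mirror(before, scan(root)))     # the mirror job must not run
```

Save the manifest from `scan` only after a backup that has been verified, and keep versioned copies on the backup side so a blocked or missed night can still be rolled back.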
 

visual800

Active Member
I had a guy get a similar virus and Best Buy couldn't get it off but offered a new hard drive lol. Best Buy hires idiots, lol

I took his hard drive out of his machine and put it in my HD reader and ran Malwarebytes, CCleaner and HijackThis on it. I then did a physical search for anything referring to the virus on it and cleaned more out.

POOF, GONE!

The worst thing about trying to rid comps of these things is it's hard to do when the HD is running! And to all of you suggesting death to people that do these things I would have to agree. I say find a couple of them, put it on YouTube and shoot them with a 12 gauge starting at feet and moving up. I guarantee you the next "little hacker" will think twice
 

player

New Member
I heard an interview yesterday where an expert said one Russian mob has made over $300,000,000 with a recent ransomware campaign. This is organized crime and big business.
 

reQ

New Member
I heard an interview yesterday where an expert said one Russian mob has made over $300,000,000 with a recent ransomware campaign. This is organized crime and big business.
Daaaang! And we are doing decals & signs... i think we are in wrong business :thumb:
 

rcook99

New Member
I had a guy get a similar virus and Best Buy couldn't get it off but offered a new hard drive lol. Best Buy hires idiots, lol

I took his hard drive out of his machine and put it in my HD reader and ran Malwarebytes, CCleaner and HijackThis on it. I then did a physical search for anything referring to the virus on it and cleaned more out.

POOF, GONE!

The worst thing about trying to rid comps of these things is it's hard to do when the HD is running! And to all of you suggesting death to people that do these things I would have to agree. I say find a couple of them, put it on YouTube and shoot them with a 12 gauge starting at feet and moving up. I guarantee you the next "little hacker" will think twice

Yes it can be a slow process but it can be done. I spoke with a few guys that are supposed to be able to fix computers and they said you have to wipe it clean and start over. Then the friend I was trying to get ahold of called me back and is working on it and says we should be able to get most of it if not all back. Keep in mind I did have a backup drive in my box and a bad drive on my desk. Still have to check the NAS drive but if I get the original drive back I will just wipe it and start over with the NAS drive. I am looking at using Carbonite or something similar so I don't have to do this again.
 

rcook99

New Member
OK, so after 5 days of trying to decrypt the files I have decided to just wipe the drives and start over. I have all the customer files on the external that got encrypted but was not activated, as it was caught early enough to keep it from being activated due to the computer being taken offline so quickly it was unable to ping the server which it needs to release it.

The question I have is what is the best way to go about wiping the drives and reloading the software. Also, what order should I reload them in? Below is a list of what will be loaded on the SSD. Then I have 2 other drives for storage of data in the box and 2 external drives to be utilized for backup as well.

OS Win 7 Pro,
Corel X-6
Signlab 9.1
CS - 5.5
Wicom ES-3

Thanks,
RC
 

nickgreyink

New Member
As far as order I'm not sure, but most of the articles I'm reading say a program called Parted Magic is good for wiping solid state. Other than that, they all say to use the SSD manufacturer's wipe software.
 

rcook99

New Member
Did you ever find out how much they wanted for the key?


It was about $300.00. I would have paid it but it was not worth it as I had a back up of customer files. Plus all the research says don't pay them. So I have to reload the software files after I wipe the drives clean. Plus who knows if I would have got all of them back without more problems and other viruses hiding in the background that would release at a later date. So I am going the more secure route in my eyes.
 