A ransomware variant came out in April 2016, carrying the name AutoLocky and using the .locky file extension. It pretends to be one of the big players in the game – Locky Ransomware, using its file extension. The virus may enter the computer through heavily obfuscated payload carrier that may drop the payload and encrypt the user files with a strong cipher, leaving a ransom note behind and asking for a payoff to allow the user to access them again. In this article we aim to show you how to get quickly rid of AutoLocky and start decrypting your files, using Emsisoft’s AutoLocky decrypter.
AutoLocky Ransomware – More Information
Once it enters the computer of the user, AutoLocky, creates a malicious executable and makes it run in the Windows Task Manager. The executable may exist under different names, so users need to check the system folders and delete the executable after stopping it in Windows Task Manager. Malware researchers also strongly advise to delete the startup file to prevent any AutoLocky scripts from running on Windows Startup:
Since the executables created by AutoLocky may be more than one and they may exist under different names and in different folders, malware experts often advise users to remove swiftly the virus and all its associated files and registry values as well as other objects using an advanced anti-malware program:
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter
AutoLocky Ransomware – Decryption Instructions
After you have made sure your computer is secure; you may begin using the instructions below to decrypt files encoded by AutoLocky. Lets start!
Step 1: Download the AutoLocky Decrypter by Emsisoft and save it at a place where you can easily locate it:
Step 2: Run AutoLocky Decrypter as an administrator. Make sure your computer still has the encrypted files by AutoLocky on it. After starting it, you should see a pop-up detecting a key set by this ransomware. It looks like this:
Step 3: Press OK and then you should see the main panel of the decrypter. From there you can simply select C:\ or choose a folder whose files you want to be decrypted. After you have made your selection, you should click on the “Decrypt” button to start the process:
Step 4: After the process has started you should see on the live feed of the decrypter whether or not your files have been decrypted.
AutoLocky Decryption – Conclusion
Similar to the Locky ransomware, AutoLocky claims to use AES and RSA encryption algorithms that generate two unique decryption keys. However, the situation is completely different, because if this virus were impenetrable, researchers wouldn’t be able to create a decryptor for it.
Whatever the case may be, the situation with AutoLocky and other ransomware viruses like it is becoming more and more widespread. This is the main reason why we have decided to prepare several protection tips to maximize your ransomware protection in the future and avoid such situations in the future. Because, unlike this virus, there are many like it (Zepto, Cerber2, CryptoWall) for which there is no decryptor and users are left with no choice but to either pay the ransom or sit put while a decryption becomes available. This is why we advise you to follow these instructions to greatly increase ransomware protection: