How to remove virus from a folder
How to best describe the .Lock File Virus? What makes it dangerous?
We’ve already mentioned what this family of viruses is called – ransomware. Much like its name hints at, the main purpose of these malicious pieces of software is to steal money from you one way or another. This can also be referred to as ransom, while at the same time your PC is to be considered the hostage. the .Lock File Virusand ransomwares in general have several ways to lock up your computer, restrict your access to it and ultimately encrypt your files, preventing you from using them. If this same computer happens to be your work station, then the problem is even more critical. To understand what ransomware applications are, one must know the intentions behind their creation.
Unfortunately, there are people who prefer to use their knowledge for criminal intentions such as developing malicious software. They use the fear experienced by users who have no idea what to do when infected by their software. Then, they take their chance to provide a “saving grace” sort of deal. Namely, pay a random sum of money, usually in the hundreds, in exchange for your files back. While this may seem like a viable option at first, especially when you find yourself in a pinch, do always know that this is not the case and giving these people money is only a temporary solution. Chances are that they will harass you again one day.
Some of them like to leave backdoors inside your OS in case they want to go back in easily some time later. At the end of the day, these people do not deserve your hard earned money. Accepting their offer is only going to motivate them further and inspire them to continue their malicious acts, harming more people. It’s a vicious cycle, but breaking it is as easy as saying a no.
The best thing you can do is to always have a keen eye for the software you install. If you get lucky enough to spot the virus in the process of doing its malicious acts, you have a better chance at stopping it before it does too much damage. Anything that seems suspicious should not be downloaded even if you trust it to some extent. The virus developers employ various social engineering methods to trick you into believing that their software is useful and safe to download. It’s not hard to spot when something is fishy and with some training you’ll almost always spot which download is bait and which isn’t.
What to do when infected? What can you do to stop it before it’s too late?
If you happen to be infected already, then there are a several things to look out for if you wish to spot the virus.
- Sometimes it will be already too late by the time you notice, since the easiest symptoms is the one where all of your files get encrypted with changed names and icons. However, that’s the last stage and it will be too late by then.
- Unusually high resource usage even when idle in task manager is your first sign that something is wrong. If you act at that exact moment, you could catch your attacker dead in its tracks.
- If you are past the encryption stage, then there’s only one thing left to do. You need to remove the virus. You can do that by doing several things.
- One of your options is using the restore point feature in Windows (if it’s available).
- The next thing to do is to remove the virus directly by following the removal steps below.
- You can also use our recommended removal tool for the easiest uninstallation of the .Lock File Virus.
Reboot in Safe Mode (use this guide if you don’t know how to do it).
This is the first preparation.
The first thing you must do is Reveal All Hidden Files and Folders.
- Do not skip this. the .Lock File Virus may have hidden some of its files.
Hold the Start Key and R – copy + paste the following and click OK:
notepad %windir%/system32/Drivers/etc/hosts
A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:
If there are suspicious IPs below “Localhost” – write to us in the comments.
Type msconfig in the search field and hit enter. A window will pop-up:
Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.
Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are a virus. Google them or ask us in the comments.
Right click on each of the virus processes separately and select Open File Location. End the process after you open the folder, then delete the directories you were sent to.
Type Regedit in the windows search field and press Enter. Once inside, press CTRL and F together and typethe virus’s Name.
Search for the ransomware in your registries and delete the entries. Be extremely careful – you can damage your system if you make a big mistake.
Type each of the following in the Windows Search Field:
- %AppData%
- %LocalAppData%
- %ProgramData%
- %WinDir%
- %Temp%
Delete everything in Temp. The rest just check our for anything recently added. Remember to leave us a comment if you run into any trouble!
How to Decrypt files infected with the .Lock File Virus
There is only one known way to remove this virus successfully – reversing your files to a time when they were not infected. There are two options you have for this:
The first is a full system restore. To do this type System Restore in the windows search field and choose a restore point. Click Next until done.
Your second option is a program called Recuva
Go to the official site for Recuva and download it from there – the free version has everything you currently need.
When you start the program select the files types you want to recover. You probably want all files.
Next select the location. You probably want Recuva to scan all locations.
Now click on the box to enable Deep Scan. The program will now start working and it may take a really long time to finish – maybe even several hours if your HDD is really big, so be patient and take a break if necessary.
You will now get a big list of files to pick from. Select all relevant files you need and click Recover.
No comments:
Post a Comment