Locky.17 removal tips

Locky.17 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Locky.17 virus do?

  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Locky.17?


File Info:

crc32: C13E9D9F
md5: b14d264e33163be98de28c1e8a4732b4
name: B14D264E33163BE98DE28C1E8A4732B4.mlw
sha1: 751ef14924e4d49bd5dff7dfcce49450f5682dd1
sha256: 7506f4f83083064946a0b3514e2e11f8764efecb30ba15d2e0a106adaed4142c
sha512: 2cccb2e8318e0625a41b17aadb6298345e7bf745b66f8bdb34c65658a59c65dbebf1a3d8634e8e453efc75cf6e1b0ca07c345643cdfe03b8b36d3e922781b556
ssdeep: 3072:PC3Oi1CVOlKwKXuZ8K+r8yw3kAqpByXoAu/5jvga+o0qF4L/ws:a3OmfKwKS8KW8hBbFO9vWqG
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright 2009
InternalName: clouf
FileVersion: 1, 5, 2, 3
CompanyName: Siber Systems
ProductName: clouf Module
ProductVersion: 1, 5, 2, 3
FileDescription: clouf
OriginalFilename: clouf.exe
Translation: 0x0409 0x04b0

Locky.17 also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 004f42381 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransomware.Locky.WR5
ALYac: Gen:Variant.Locky.17
Cylance: Unsafe
Zillya: Trojan.AgentGen.Win32.62
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 004f42381 )
Cybereason: malicious.e33163
Cyren: W32/S-39e4522e!Eldorado
Symantec: Ransom.TeslaCrypt!g7
ESET-NOD32: a variant of Win32/Kryptik.FCFE
APEX: Malicious
Avast: Win32:RansomX-gen [Ransom]
ClamAV: Win.Ransomware.Locky-31470
Kaspersky: Trojan-Ransom.Win32.Locky.anm
BitDefender: Gen:Variant.Locky.17
NANO-Antivirus: Trojan.Win32.Locky.evqbmo
SUPERAntiSpyware: Ransom.Locky/Variant
MicroWorld-eScan: Gen:Variant.Locky.17
Ad-Aware: Gen:Variant.Locky.17
Sophos: ML/PE-A + Troj/Locky-FC
BitDefenderTheta: Gen:NN.ZexaF.34686.iu0@amp14Rii
VIPRE: Trojan.Win32.Generic.pak!cobra
TrendMicro: Ransom_HPLOCKY.SM0
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
FireEye: Generic.mg.b14d264e33163be9
Emsisoft: Gen:Variant.Locky.17 (B)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1124649
eGambit: Unsafe.AI_Score_98%
Microsoft: Ransom:Win32/Locky!rfn
AegisLab: Trojan.Win32.Locky.j!c
GData: Win32.Trojan.Kryptik.FG
AhnLab-V3: Win-Trojan/Lockycrypt.Gen
Acronis: suspicious
McAfee: Ransomware-FPC!B14D264E3316
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Ransom
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Ransom_HPLOCKY.SM0
Rising: Ransom.Locky!8.1CD4 (TFE:dGZlOgVJ+mglOpRaZg)
Yandex: Trojan.GenAsa!cbI12U6f1bs
Ikarus: Trojan-Ransom.Locky
MaxSecure: Win.MxResIcn.Heur.Gen
Fortinet: W32/Kryptik.FBEY!tr
AVG: Win32:RansomX-gen [Ransom]
Paloalto: generic.ml

How to remove Locky.17?

Locky.17 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
