How to decrypt the files/documents that are encrypted by locky virus/spyware?

• Open your task Manager by pressing CTRL+SHIFT+ESC keys simultaneously
• Locate the process of the Ransomware. Have in mind that this is usually a random generated file.
• Before you kill the process, type the name on a text document for later reference.
• Navigate to your %appdata%/roaming folder and delete the executable.
• Then open your Windows Registry Editor and navigate to

HKEY_LOCAL_MACHINE\\Software\\Locky\\id HKEY_CURRENT_USER\\Software\\Locky\\pubkey HKEY_CURRENT_USER\\Software\\Locky\\paytext HKEY_CURRENT_USER\\Software\\Locky\\completed

The virus temporary creates an “svchost.exe” process with the Description “svchost.exe”. When the encryption of your files finishes it deletes itself from the system.

Remove CryptoLocker virus with Malwarebytes Anti-Malware Free

i fully agree with the answers been added by experts..........thanks.

Take the drive to a data recovery specialist who should be able to use a hardware solution such as (Salvation Data) to remove the password or in the least be able to perform an extensive/intensive forward/reverse scan of your drive to recover the data.

Malwarebytes and HitmanPro can detect and remove this infection, but these programs cannot recover your encrypted files due to the nature of asymmetric encryption, which requires a private key to decrypt files encrypted with the public key.

agree with answer given by mr. Muhammad adnan Qumar