LockMe Ransomware

Posted by Lisa Blanc on February 20, 2018

What is LockMe Ransomware?

LockMe Ransomware is a malicious file-encrypting application you could accidentally receive after downloading suspicious data, for example, email attachments from unknown senders, setup files from untrustworthy file-sharing web pages, etc. If it happens, you may lose all of your data located on the infected device as the malware enciphers it with a strong cryptosystem. Such files cannot be opened without a decryption tool and a specific decryption key. Unfortunately, these means might be available only to the cyber criminals who created this malicious application, and they are not sharing them free of charge. Needless to say, even if you can pay the asked ransom, we do not think it would be wise considering there are no refunds and no reassurances. If you cannot decide what to do yet, you should keep reading our report and learn more about LockMe Ransomware. For those who have already decided to eliminate the malware, we would recommend sliding a bit below the text where we will place removal steps.

Where does LockMe Ransomware come from?

Researchers at Anti-spyware-101.com say LockMe Ransomware could travel with questionable Spam emails. Any email sent by someone you are not familiar with and carrying files you were not expecting to receive should be considered as suspicious. For safety reasons, it would be smarted not to open such files or at least scan them with a legitimate antimalware tool. What’s more, the malware could settle in after launching malicious setup files downloaded from torrent or other sites offering pirated software. One way or the other, if the device got infected with this ransomware, it means you might have been too careless with questionable data. If this is the case, we advise you always to confirm the file is not dangerous before opening it and avoid web pages or other sources that might contain malicious software. Plus, to ensure the system is safe and make it less vulnerable to various threats the user could pick a legitimate antimalware tool.

How does LockMe Ransomware work?

First of all, the malware should check the infected computer to identify if it contains targeted data and estimate how many files the infection could encipher. To our knowledge, LockMe Ransomware is after user’s personal or private data, for example, text documents, photos, archives, etc. During the encryption process, the malicious application should lock each file with a secure cryptosystem and mark it with .lockme extension. For instance, a file named family_reunion.jpg would turn into family_reunion.jpg.lockme. There is no point in trying to remove this second extension because even if you do so, the enciphered files will still be unreadable.

Soon after LockMe Ransomware enciphers all targeted files, it should drop a text file titled README_FOR_DECRYPT_YOUR_FILES.txt on user’s Desktop or other locations where he would immediately notice it. The text inside of it says the files can be encrypted only if the user transfers 0.03 BTC into a specific Bitcoin account. Then it says the user should contact the cyber criminals via email (LockMecQqL3Ruyi7V0RfZ@tutamail.com). The text does not say how exactly the malware’s creators would help with the decryption, but usually, in such situations, they promise to send a decryptor. The problem is you cannot be certain they will hold on to their end of the deal, and once the money gets transferred, you will not be able to get it back. Under such circumstances, we advise victims not to pay the ransom and remove the malicious application immediately.

How to eliminate LockMe Ransomware?

For starters, the user could try to find the suspicious file he may have opened before the device got infected. The step by step instructions available at the end of the text will explain how to look for it and how to erase it as well. On the other hand, if you find it a bit too challenging you could employ a legitimate antimalware tool and perform a full system scan. Afterward, the user should be able to get rid of LockMe Ransomware and other possible threats by merely pressing the given deletion button.

Erase LockMe Ransomware

  1. Press Ctrl+Alt+Delete.
  2. Navigate to Task Manager.
  3. Search for the malware’s process.
  4. Select this process and click End Task.
  5. Leave Task Manager.
  6. Click Windows key+E.
  7. Navigate to the following paths:
    %TEMP%
    %USERPROFILE%\desktop
    %USERPROFILE%\downloads
  8. Find the file that infected the device.
  9. Right-click the malicious file and press Delete.
  10. Search for README_FOR_DECRYPT_YOUR_FILES.txt, right-click it and press Delete.
  11. Close File Explorer.
  12. Empty Recycle bin.
  13. Restart the system. 100% FREE spyware scan and
    tested removal of LockMe Ransomware*
Disclaimer
Disclaimer
Trojans

Leave a Comment

Enter the numbers in the box to the right *