LMAOxUS ransomware Removal Guide

Users probably seldom realize that by downloading and installing video games from third-party websites they can get infected with dangerous malware. For instance, it is possible to get infected with LMAOxUS ransomware by launching unofficial Minecraft installers. Thus, the desire to acquire a game for free can result in something a lot worse, with your files and the most important documents getting locked up. With this description, we give you the manual removal instructions for LMAOxUS ransomware, and also more information about the infection and what it does. You need to know your enemy before you fight it.

Our research suggests that this infection is an open-source ransomware program. It means that the people who use it to make money have not created the infection from scratch. Instead, they used an already existing primary code, taken from the EDA2 ransomware project. They customized it, and then released LMAOxUS ransomware into the wild with third-party Minecraft installers. Needless to say, it is not possible to get infected with this program if you acquire your Minecraft copy via the official channels. Only downloading the game from unreliable sources can result in this annoying infection.

When the infection takes place, LMAOxUS ransomware encrypts a number of user’s files in the following folders and directories: Desktop, Downloads, MyMusic, and MyPictures. Does this mean that keeping files in other folders would save them from getting encrypted? Most likely. But that applies only to this one infection, so any other ransomware program might as well encrypt all of your folders in the C: drive, so it is not something universal. When we deal with ransomware infections, we have to deal with them on the case-by-case basis, and this new infection is really disturbing.

What’s more, when the cyber criminals display the ransom fee that says you have to pay around $120USD in bitcoins to retrieve your files, they say that they are just “a broke college student in need of money.” And they “don’t care about your data,” having “nothing personal against you.” That is not much of a consolation considering that they still want you to pay the ransom during the limited amount of time. It also says that if you fail to meet the deadline, your data will be lost for good. Now, is it necessary to pay the ransom fee? Sure, LMAOxUS ransomware might issue the decryption key, but paying the money would not solve anything. You would only encourage these criminals to continue their reign of terror.

Instead, you should remove all the program’s files from your computer, and then scan your PC with the SpyHunter free scanner to be sure that you have located all the malicious threats. As for your files, it will not be possible to restore them manually because the program uses the AES algorithm to encrypt them and then the RSA algorithm to encrypt the AES key that locks up your files. However, if you regularly backup your files on an external hard drive, or if you keep copies of your data on some cloud storage, you can transfer the healthy copies back once you have removed LMAOxUS ransomware and all the encrypted files.

If you require detailed guidance through the removal process, please feel free to contact us by leaving a comment below.

How to Delete LMAOxUS ransomware

1. Open your Downloads folder.
2. Delete the suspicious Minecraft installer files.
3. Press Win+R and enter %TEMP% into the Open box.
4. Click OK and remove the lmaoxus.exe file (if found).