Lock93 Ransomware Removal Guide

Lock93 Ransomware could be your next nightmare on “Malware Street” since this malicious program can encrypt your files and this could easily mean losing them for good. This ransomware program most likely comes from Russia because it is bilingual (Russian and English) and these criminals also demand a very low ransom fee, which is characteristic of test runs aimed at Russian speaking countries. However, this does not mean at all that you cannot infect your machine anywhere in the world. We do not recommend that you pay these criminals, no matter how low the price seems to be because there is no guarantee that you will get anything for your money. Of course, this is your decision to make. Nevertheless, we believe that you should remove Lock93 Ransomware immediately, if you want to use your computer again. Let us tell you about the potential risks and how you could avoid such an attack next time.

Our research shows that this dangerous ransomware mostly spreads through spamming campaigns, which is probably the most widely used method for cyber criminals to distribute such infections. You may believe that your spam filter does a perfect job but what if we tell you that certain spam mails may be able to avoid detection and end up in your inbox. But even if some land in your spam folder, because of the sender e-mail addresses and subjects they may use, you could be totally convinced that you must read them right away along with the attached file. As a matter of fact, there is always a file attachment in these mails. This file could be an image (.jpg or .bmp) or a text document (.docm) with malicious macro code that pretend to be an important unpaid invoice or a proof that you gave the wrong credit card details for a certain alleged booking of some kind. When you download and open this file, you actually infect your system with Lock93 Ransomware. This is why we suggest that you be more cautious around your e-mails. One single click could bring this vicious program on board and you could lose all your important files in a matter of a few minutes even if you remove Lock93 Ransomware after noticing it.

Since the other most popular method to spread ransomware programs is done through Exploit Kits, we must warn you to always keep all your browsers and drivers (Java and Adobe Flash) updated from official sources only. These kits can exploit bugs in outdated versions and through malicious web pages they can infect your system. You do not even need to click on any content on such a page as the malicious code initiates the moment the page is loaded in your browser. You can easily end up on such dangerous pages if you click on questionable third-party ads on suspicious websites, for instance.

Once you activate this ransomware, it attacks your media files (music, video, and text), your archives, and third-party program files, and encrypts them. All the affected files get a new ".lock93" extension, which makes it obvious what has hit you. When all the encryption is done, the ransom note called “ИНСТРУКЦИЯ INSTRUCTION.txt” is dropped on your desktop and a window pops up with the same note. You can choose between Russian and English language. This note simply informs you that your files have been encrypted and you have to send an e-mail to oplaticydadeng@mail.ru or zaplatiddeng@yandex.ru in order to get further details with regard to the payment instructions.

You are supposed to pay as little as 1000 Russian Rubels, which is around 16 US dollars, one of the lowest ransom fees we have ever seen. The usual amount ranges from 60 to 600 dollars; although we have found ransomware infections that demand 1200 or even 3200 dollars. Obviously, these insanely high amounts are targeting corporations most likely. In any case, it is possible that this is just a test run for Lock93 Ransomware or simply targets Russian speaking countries with this low fee. But however low this amount is, we do not suggest that you pay these criminals because you may still not be able to recover your files. You are supposed to get a code after you make the transfer and insert this code in the field provided in this ransom note window. But what if you do not get any codes? We recommend that you delete Lock93 Ransomware ASAP if you want to restore your security level.

It is not too complicated to remove Lock93 Ransomware from your computer since all you have to do is delete a few files. If you wonder which ones, please use our instructions below as a reference. Since this ransomware infection does not lock your screen and your system files either, you do not even need to restart your computer in Safe Mode, which makes this process even easier. Of course, it is possible that your system is infected with other malware threats as well or that you cannot protect your computer effectively yourself. Therefore, we suggest that you find and download a trustworthy malware removal program, such as SpyHunter. Keep this tool always updated along with all other software on board and you should have full protection against all known malware infections.

How to remove Lock93 Ransomware from Windows

1. Tap Win+E.
2. Locate the downloaded malicious file and delete it. (This file can have a random name and could be in default places, such as %TEMP%, %userprofile%\downloads and %userprofile%\desktop.)
3. Delete the ransom note from your desktop.
4. Empty your Recycle Bin.
5. Reboot your computer.