What is Locket ransomware? And how does it carry out its attack?

Locket ransomware is a new ransomware threat that appears to be still under development as it doesn’t encrypt files at the time of writing. However, it can lock a computer’s screen and insist victims to pay 0.1424 ransom in Bitcoins within the given period of time. So even though the files are safe from encryption, victims won’t be able to access their computers much less their files. According to security experts, this screen locker is intends to imitate CryptoLocker ransomware which emerged at the end of 2016. Thankfully, unlike CryptoLocker, Locket ransomware is not able to encrypt files yet.
After it has managed to infect the computer, it displays the following message on the locked screen:
“Your PC has been locked by the Locket ransomware!
Access to your PC has been blocked. This means that you wont be able to access your local files. which include Documents. Videos. Music. etc… You also cant use your installed programs! In order to unlock your compiler, youll need a password. In order to get it, a payment of 0.1424 Sitcom is required
The password is unique for your PC III
F.A.Q. It’s possible to make the payment via Bitcon. the most reliable anonymous payment form. Don’t you have a Bitcoin address ? Creating it is very simple. and money can be easily transfered from a Credit Card/PayPal. If the payment won’t be received within the time-limit. all your files will be deleted. And there’s no way to recover them.
Click on “Pay now” to get your password. Any attempt to damage this software will lead to an immediate destruction of your files.
[Type password|BUTTON] [Back|BUTTON] [Pay now|BUTTON]”
As per the ransom note on the locked screen, victims are given approximately 72 hours to pay the ransom through Bitcoins. Clearly, this ransomware is trying to intimidate victims by threatening to delete all the files stored in the infected computer if they try to remove Locket ransomware from the device or refuse to pay the ransom. This is only an empty threat as the files are safe from Locket ransomware unless this ransomware gets an update. So if you are one of the unfortunate victims of this ransomware, it would be wise to remove this ransomware before its developers decide to update it into something that could encrypt files. As for unlocking your computer, the code will be given later on in the removal guide provided below.
How does Locket ransomware proliferate?
It isn’t clear yet how Locket ransomware proliferate but security experts reckoned that it could spread through spam emails. On the other hand, it is also likely to spread on P2P file sharing sites so you have to be mindful in downloading videos, audios and other files from peer-to-peer sharing sites. A lot of users are lured into getting programs and other expensive content for free. Cyber crooks take advantage of this by injecting a malicious code into the program or the file responsible in installing malware like Locket ransomware into the computer.
Obliterate Locket ransomware from your computer using the instructions below.
Step 1: Click the “Type password” button and type in the code ul62bfqSA in the field to unlock your computer
Step 2: Pull up the Task Manager by tapping Ctrl + Shift + Esc keys on your keyboard.

Step 3: Go to the Processes tab and look for Locket Ransomware – 1.0 and then end its process.

Step 4: Exit the Task Manager and open Control Panel by pressing the Windows key + R, then type in appwiz.cpl and then click OK or press Enter.

Step 5: Look Locket Ransomware – 1.0 and then uninstall it.

Step 6: Close Control Panel and tap Win + E keys to open File Explorer.
Step 7: Navigate to the following locations and look for Locket ransomware’s installer and other related files and delete them all.

  • %TEMP%
  • %USERPROFILE%\Downloads
  • %USERPROFILE%\Desktop

Step 8: Close the File Explorer.
Before you proceed to the next steps below, make sure that you are tech savvy enough to the point where you know exactly how to use and navigate your computer’s Registry. Keep in mind that any changes you make will highly impact your computer. To save you the trouble and time, you can just use PC Cleaner Pro, this system tool is proven to be safe and excellent enough that hackers won’t be able to hack into it. But if you can manage Windows Registry well, then by all means go on to the next steps.
Step 9: Tap Win + R to open Run and then type in regedit in the field and tap enter to pull up Windows Registry.

Step 10: Navigate to the listed paths below and look for the registry keys and sub-keys created by Locket ransomware.

  • HKEY_CURRENT_USER\Control Panel\Desktop\
  • HKEY_USERS\.DEFAULT\Control Panel\Desktop\
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

Step 11: Delete the registry keys and sub-keys created by Locket ransomware.
Step 12: Close the Registry Editor.
Step 13: Empty your Recycle Bin.
To make sure that Locket is completely removed and that nothing is left behind, use the following antivirus program. To use it, refer to the instructions below.
Perform a full system scan using SpyRemover Pro. To do so, follow these steps:

  1. Turn on your computer. If it’s already on, you have to reboot
  2. After that, the BIOSscreen will be displayed, but if Windows pops up instead, reboot your computer and try again. Once you’re on the BIOS screen, repeat pressing F8, by doing so the Advanced Option shows up.

  1. To navigate the Advanced Optionuse the arrow keys and select Safe Mode with Networking then hit
  2. Windows will now load the SafeMode with Networking.
  3. Press and hold both R key and Windows key.

  1. If done correctly, the Windows Run Boxwill show up.
  2. Type in explorer http://www.fixmypcfree.com/install/spyremoverpro

A single space must be in between explorer and http. Click OK.

  1. A dialog box will be displayed by Internet Explorer. Click Run to begin downloading the program. Installation will start automatically once download is done.

  1. Click OK to launch it.
  2. Run SpyRemover Pro and perform a full system scan.

  1. After all the infections are identified, click REMOVE ALL.

  1. Register the program to protect your computer from future threats.


logo main menu

Copyright © 2023, FixMyPcFree. All Rights Reserved Trademarks: Microsoft Windows logos are registered trademarks of Microsoft. Disclaimer: FixMyPcFree.com is not affiliated with Microsoft, nor claim direct affiliation. The information on this page is provided for information purposes only.

DMCA.com Protection Status

Log in with your credentials

Forgot your details?