Click on screenshot to zoom
Danger level 8
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Normal system programs crash immediatelly
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

LOCKED_PAY Ransomware

LOCKED_PAY Ransomware is yet another file-encryptor that we put into our list of malware to beware of. This malicious threat is likely to spread via backdoors within your email inbox and remote access systems, but it is always possible that it could be dropped and executed by other malicious infections. According to our malware experts, unguarded operating systems are the ones that this malware attacks successfully, and so it is imperative that you implement all security measures to prevent this malware from slithering in. You must not forget about this even if the malicious threat has invaded your system and encrypted your personal files already because once you delete it, your system will remain vulnerable to new attacks. Of course, right now, you might want to focus on the removal of LOCKED_PAY Ransomware. What about the decryption of your files? Shouldn’t that be the first thing on the agenda? Unfortunately, at the time of research, decrypting files was not possible.

It was discovered that LOCKED_PAY Ransomware comes from the Jigsaw Ransomware family, and so it is not surprising that it is similar to Rodentia Ransomware, .PC-FunHACKED!-Hello Ransomware, and a few other threats that come from this family also. The attackers behind all of these infections want to get money, and they are ready to terrorize users to get what they want. As soon as the malicious infection is executed, files are encrypted. LOCKED_PAY Ransomware adds the “.LOCKED_PAY” extension to the names of the files that it encrypts, and so it should be easy to spot the corrupted files quickly. Needless to say, the files cannot be restored by removing the added extension. Unfortunately, it looks like they cannot be restored at all. That is because a complex encryption algorithm was used, and normal file decryptors cannot crack it. Malware experts have not come up with a free decryptor either, and we cannot promise that it will be created at all. What about the decryptor offered by the attackers? If you think that cybercriminals can be trusted, you are naive. If you do not want to waste money, do not pay the ransom.

The ransom payment that the attackers behind LOCKED_PAY Ransomware expect from you is introduced to you via a window that the infection launches once your personal files are encrypted. According to the message, you have 24 hours to pay a ransom of 0.005 Bitcoin or 800 Monero (at the time of research, 0.005 BTC converted to $42 and 800 XMR converted to $42,000) by sending it to the attackers’ wallet. The address is 1MNRTjvLUs5uMEa3tfZzJRy3qJvC6nEbwj, and it is stated that if you pay the ransom and then click the GET MY DECRYPTION KEY button displayed on the screen, you can get your files restored in no time. If you take this warning seriously, you might decide to pay the ransom, but we do not recommend it. We hope that you do not need to make the difficult decision of whether or not to take the risk because you have backup copies of all of your personal files. Even if you only have some copies, that is still better than nothing. Without a doubt, you must not forget to continue creating backups in the future, after you delete LOCKED_PAY Ransomware, because you want to be prepared for the next file-encrypting or file-removing infection that might attack.

You can follow the instructions below, but only if you can identify the file that launched and executed the threat. If you cannot find it, you will not be able to delete LOCKED_PAY Ransomware completely, and you will need to employ the help of reliable anti-malware software anyway. In this case, it is best to install this software right away, and allow it to clear your system and also secure it. Remember that only protected systems can stand against malware. If you leave your system exposed, it could be attacked by new file-encrypting infections or different kinds of malware altogether. This is what you need to think about if you decide to remove LOCKED_PAY Ransomware manually. Hopefully, you now know what to do to clear your system and protect it in the future, but if there is anything else you want to discuss, do not hesitate to leave a comment below.

LOCKED_PAY Ransomware Removal

  1. Delete all recently downloaded suspicious files.
  2. Tap Win+E keys to access Explorer.
  3. Type %APPDATA% into the field at the top and tap Enter.
  4. Delete the folder named Path if it exists.
  5. Empty Recycle Bin.
  6. Install and run a legitimate malware scanner.
  7. If threats are found, delete them immediately.
Download Spyware Removal Tool to Remove* LOCKED_PAY Ransomware
  • Quick & tested solution for LOCKED_PAY Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.