Home / Spyware Help / Lomix Ransomware Removal Guide

Lomix Ransomware Removal Guide

by 0 Comments

Do you know what Lomix Ransomware is?

Lomix Ransomware is a dangerous computer infection that is very similar to CryptoWire Ransomware. It is very likely that both programs were created by the same developers, or were based on the same engine. Since the previously released CryptoWire Ransomware could be acquired by almost anyone, it would be no surprise if this new infection is simply a more developed version of the old program. On the other hand, it does not matter how intricate the program might be. The bottom line is that you have to remove Lomix Ransomware from your computer at any cost.

This program probably entered your computer with a spam email attachment. Spam email campaigns are the most common distribution method employed by ransomware developers. Although they could also use website exploit kits and even remote desktop access programs. It only shows that users have to be extremely careful when they browse the web because a malicious infection could be only one stray click away. Also, if you are not sure whether the email attachment is safe or not, you can always scan the file with your security tool before you open it. If you do not have such a tool, perhaps it is time to invest in one.

Our research team says that the only thing that makes Lomix Ransomware different from the CryptoWire Ransomware infection is its ransom note. When the encryption is complete, this new program will display a notification which says you need to purchase a decryption key. The previously released program required users to pay $200USD for the decryption key. Lomix Ransomware raises the stakes a little bit higher: It says you need to pay $500USD in bitcoins to acquire the decryption key. Also, it asks you to contact the hackers directly via the wambeng.watson@gail.com email address.Lomix Ransomware Removal GuideLomix Ransomware screenshot
Scroll down for full removal instructions

Other than that, Lomix Ransomware is pretty much like its predecessor. It employs the AES-256 encryption algorithm to affect the files, and it drops the very same files and creates the same tasks as the other ransomware program. Although our researchers do not mention anything about the 30MB limit, so it is very likely that the people behind Lomix Ransomware have fixed that. Previously, CryptoWire Ransomware could only encrypt files that were smaller than 30MB, so there was a chance that some files would remain intact even after the encryption has been completed. The research team has pointed out that this feature might get tweaked in the future, and so it means that this new ransomware does not have the size limit anymore, and any file can be affected.

Where does the malware look for the target files? Lomix Ransomware is programmed to scan your computer the moment it gets installed. It will then locate the %USERPROFILE% directory and check all the subfolders in it. Once the target is set, the program will encrypt all the files in the directory. Although some users keep their files in different directories (especially if they do not like the default settings), this directory is one of the most important ones, where sometimes the system even keep shortcuts to cloud storage. So, in the worst-case scenario, Lomix Ransomware could also encrypt your files that are not physically on your computer.

Of course, when such thing happens, it might seem that purchasing the decryption key will solve all of your problems at once, but we strongly discourage you from doing so. There is always a chance that the communication between the ransomware and its creators may falter, and you could be left without your files AND your money.

Therefore, you should consider removing Lomix Ransomware right now with a licensed antispyware tool. Once your computer is clean, you can delete the infected files to make space for the new ones. Where do you get healthy files? How about your external hard drive? We are pretty sure you have one. Also, have you checked just how much data you have saved in your email inbox? There is quite a lot of information stored in social media and blogs these days, so we are sure that you could retrieve most of your files without must difficulty. The key point here is not to succumb to the demands of cyber criminals.

How to Remove Lomix Ransomware

  1. Locate the most recently launched file.
  2. Delete the file. Press Win+R and open Run prompt.
  3. Type %PROGRAMFILES(x86)%\Common Files into the Open box.
  4. Click OK and find a random-name malicious file. Delete it.
  5. Press Win+R again and type %WINDIR%\System32\Tasks. Click OK.
  6. Find a random 10-digit name task file. Delete it.
  7. Scan your computer with the SpyHunter free scanner.

In non-techie terms:

It goes without saying that no malicious program should be taken lightly. But when we encounter encrypting ransomware programs, we should be extremely careful. Lomix Ransomware will try to swindle you out of your money by holding your files hostage. You can remove Lomix Ransomware by following the instructions above, but if you do not feel confident about that, you can also invest in a computer security application that will do the job for you.