L0cked Ransomware Removal Guide

Do you know what L0cked Ransomware is?

L0cked Ransomware is a malicious application that can enter your system without asking your permission. Normally, such a threat should encipher all personal files or even some part of program data, but our computer security specialists say the sample they obtained did not do anything else besides changing the default wallpaper and showing a ransom note. In other words, the malware may not encrypt your files, but it could try to convince you otherwise and demand you pay a ransom. Needless to say, instead of putting up with any demands we would advise to remove L0cked Ransomware immediately. If you keep reading this report, we will explain you more about the malicious program’s working manner. Moreover, users who need any assistance while deleting the infection can use the removal guide available just a bit below the main text or leave us a comment at the end of this page.

So far it is yet unknown how users may come across L0cked Ransomware, although there are a few versions. One of the most popular methods to distribute file-encrypting threats is to send files that do not look harmful via Spam emails. To be more precise, the user could receive an attachment looking like a text document, a picture, etc. Next, to such a file, you might notice a text explaining why it is essential to open the delivered file immediately. Obviously, instead of launching it we would recommend erasing it or scanning the suspicious file with a reputable antimalware tool. Another possible scenario is the threat might travel with fake updates, malicious installers, or other harmful data users could encounter while visiting torrent or other unreliable P2P file-sharing networks, and so on.L0cked Ransomware Removal GuideL0cked Ransomware screenshot
Scroll down for full removal instructions

Furthermore, once the infection gets installed, it may change your default wallpaper with a JPG picture called “BK.” We call it the short version of the malware’s ransom note since it does not provide as much information as one can see on the malicious program’s window that should be launched around the same time the picture gets changed. L0cked Ransomware’s complete ransom note mentions the same email address (decryptorsoon301@aol.com), but unlike the text on the specified JPG image, it demands you to pay a particular sum in Bitcoins. It seems users have around seven days to pay or it is said the price will be raised, and eventually, the malware’s note claims it will erase encrypted files. However, as we explained at the beginning of the text, the sample we tested did not encipher data on our computer. Therefore, paying the ransom would be most unnecessary. Truth to be told, we would never recommend making a payment since cybercriminals cannot be trusted and there is always a chance they can scam the victim.

All things considered, it seems if you come across L0cked Ransomware, there is nothing else to do but to erase it. Users who think they can deal with the threat manually could follow the removal guide available a bit below. It will explain how to get rid of this malware step by step. The other way to eliminate the malicious program once and for all is to install a reputable antimalware tool and let it delete the infection for you.

Eliminate L0cked Ransomware

  1. Click Ctrl+Alt+Delete simultaneously.
  2. Pick Task Manager.
  3. Take a look at the Processes tab.
  4. Locate a process related to the malicious program.
  5. Select this process and press the End Task button.
  6. Click Windows Key+E.
  7. Navigate to the suggested paths:
    %TEMP%
    %USERPROFILE%Desktop
    %USERPROFILE%Downloads
  8. Find a file that was opened when the system got infected.
  9. Right-click the malicious file and select Delete.
  10. Change your default wallpaper.
  11. Navigate to %PUBLIC%\Pictures and locate a picture called BK.jpg.
  12. Right-click BK.jpg and select Delete.
  13. Leave File Explorer.
  14. Restart the computer.

In non-techie terms:

L0cked Ransomware would be a vicious threat if it was fully developed, but since the cybercriminals did not program it to encipher files yet, the malware might not cause any trouble to ones who encounter it. On the other hand, it may scare some users for a moment as it could display a ransom note claiming all files are ruined. Hopefully, users who come across L0cked Ransomware will check if their data was actually enciphered before panicking. The easiest way to do so is to double-click your photos, pictures, videos, and other personal data. Provided, the system recognizes it, and it can be opened, you should assume nothing happened. Under such circumstances, our computer security specialists would recommend paying no attention to the ransom note. Instead, the user should get rid of the malicious program either manually by following the removal guide available above or with a reputable antimalware tool of his choice.