1 of 2
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

LockOn Ransomware

LockOn Ransomware may cause huge devastation on your computer by encrypting all your personal files if it find a way to your system in the future. However, right now it seems that only a test version has hit the web and started spreading, which may not -- if at all -- cause too much harm. In fact, this first version seems to only attack files in one directory, which may not even be there on your system. In other words, if you do not have the targeted directory on your PC, no encryption occurs. The other good bit of news is -- however strange it may sound to talk about anything "good" when it comes to ransomware -- that encryption, in this case, only starts up if you click a button in the ransom note window. But no matter how innocent this version may sound or look, you do need to take it just as seriously because we are not talking about a potentially unwanted program; this is or rather, will be a ransomware program that may encrypt all your important files, which you may never see again. Who knows when the finished version hits the web and starts ruining its victims files? You need to be prepared and try to prevent the next attack from happening. But first and foremost, you need to remove LockOn Ransomware from your computer.

This malware infection may mostly use spamming campaigns to spread on the net. This is a favored method by cyber criminals because they can relatively easily infect computer users in big numbers. Right now you may be thinking that there is no way you would open a spam mail, let alone view its attachment, but let us beg to differ. Unfortunately, spam mails have become rather tricky and it may not be as easy to spot them as it used to be in the "olden" days with obviously fake sender names and e-mail addresses, and subject lines that were screaming "IT IS A SCAM" right in our face. Nowadays a spam may make you feel guilty and curious how come you may have forgotten to pay a fine or settle an invoice, which is usually claimed to have happened. Most people would want to see the content of such a mail even if out of pure curiosity. The problem is that when you save and run the attached file, you actually activate this malicious attack, which also means that you cannot delete LockOn Ransomware without consequences. Well, maybe this time you can get away with it just fine and without losing any files really. However, if it were a fully functioning ransomware, as its future version may well be, you could easily lose all your important files by the time you could even think about whether to delete LockOn Ransomware or rather pay the ransom fee to recover your files.

We do not have any information yet regarding the encryption algorithm this ransomware infection may use but it is quite likely one of the AES algorithms, which are very popular among cyber criminals who also like to combine it with RSA-1024 or RSA-2048 to make it virtually impossible to crack or hack the encryption, and recover files. However, sometimes malware hunters actually do succeed and can come out with a free tool to help victims recover their files. So it is always worth trying to find such a tool when hit by ransomware; although, we do not advise to do so if you are not an advanced user.

After you run this infection, it displays its application window, which is actually its ransom note window. It tells you that your files have been encrypted and your computer locked and that you should not try to decrypt your files any other way or else your computer could be "destroyed." As a matter of fact, there is no amount given that you are supposed to transfer in Bitcoins, which is yet another error and sign that this is not a finished infection. This application window offers you 5 languages (English, French, Italian, Turkish, and Spanish) to choose from. The interesting thing about this threat is that the encryption only activates if you press the "Check" button. Also, this ransomware will only encrypt file in "%HOMEDRIVE%\Users\Exploits\Desktop\test" folder if there is any on your system. The affected files are supposed to have a random name with random characters and a ".lockon" extension appended. You can also drop a file named "Key.txt" on your desktop containing your decryption key if you press the "Fake paye (test)" button, which, again, is not very characteristic of a well-functioning ransomware program. No matter how unfinished this malicious program may seem to you, we recommend that you remove LockOn Ransomware ASAP.

The first move to make if you are ready to act is end the malicious process right away so that you can delete the malicious file you have downloaded recently. Please follow our instructions below if you feel up to the task. If not, you can always download a reputable anti-malware program like SpyHunter to take care of all your system security issues automatically. That is what we call a real peace of mind that all security-minded people may enjoy to have in their virtual world.

Remove LockOn Ransomware from Windows

  1. Open the Task Manager (tap Ctrl+Shift+Esc).
  2. Find the malicious process in the list.
  3. Right-click on the process and choose Properties.
  4. Memorize the Location field content to be able to find the malicious executable file.
  5. Click OK.
  6. Click End task and close the Task Manager.
  7. Tap Win+E.
  8. Locate the malicious executable file and bin it.
  9. Empty your Recycle Bin and restart your PC.
Download Spyware Removal Tool to Remove* LockOn Ransomware
  • Quick & tested solution for LockOn Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.