Trojan.Ransomlock!gen4

Trojan.Ransomlock!gen4 Description



Trojan.Ransomlock!gen4 is a behavioral (or ‘heuristic’) identification label that’s applied to certain types of Trojans. Variants of Trojan.Ransomlock!gen4 are capable of different attacks, but probable threats that SpywareRemove.com malware experts have noted include frozen operating systems, fake warning messages for criminal activity, fake infection alerts, the installation of other forms of harmful software and attempts to steal money or personal information (including bank-related info). Despite the high level of harm that Trojan.Ransomlock!gen4 can cause, Trojan.Ransomlock!gen4 is only capable of attacking Windows-based computers. Recent Trojan.Ransomlock!gen4 attacks have focused on spreading Trojan.Ransomlock!gen4 via spam e-mail messages about Muammar Gaddafi’s passing, and SpywareRemove.com malware experts encourage you to avoid interaction with e-mail links from unusual sources to protect your PC from Trojan.Ransomlock!gen4.

Trojan.Ransomlock!gen4: a Generalized Danger with a Timing-Specific Lure


Even though Trojan.Ransomlock!gen4 has been a danger to Windows computers for some time now, recent events have conspired to give Trojan.Ransomlock!gen4 a new way of infecting your PC. Much like Mal/Behav-103, BKDR_EXDEPH.A and BKDR_IRCBOT.DAM, Trojan.Ransomlock!gen4 uses spam e-mail messages to spread itself, while claiming to be a movie link that depicts the demise of dictator Muammar Gaddafi. Although SpywareRemove.com malware experts have found that Trojan.Ransomlock!gen4 spam e-mail does contain genuine footage of this event, the links that are provided also include an installer for Trojan.Ransomlock!gen4 which launches itself without permission.

Brazilian Internet-goers are especially in danger of being targeted by this Trojan.Ransomlock!gen4 attack, since most Trojan.Ransomlock!gen4 spam messages have focused on that country.
Download SpyHunter Spyware Scanner
Naturally, the content isn’t in English, although a translation has been provided below, along with a transcription of the original subject line:

Subject: Novo video nao divulgado por ter imagens fortes mostra Kadhafi pedindo misericordia de joelhos e seus guardas sendo executados

Subject: New video not released due to disturbing images, shows Gadhafi asking for mercy on his knees and his guards being executed.

Ironically, the link accesses Korean websites (specifically, subdomains of noticias.removed.co.kr) to install Trojan.Ransomlock!gen4.

Recovering from a Trojan.Ransomlock!gen4 Attack and Putting This Deadly Genie Back into Its Jar


Like most Trojans, Trojan.Ransomlock!gen4 will try to avoid detection, and you should use appropriate anti-malware applications to find and remove Trojan.Ransomlock!gen4. Your security programs may also detect Trojan.Ransomlock!gen4 by one of its aliases, which include TrojanDownloader:Win32/Cutwail.BE, Trojan-Banker.Win32.Qhost.mmu and Mal/EncPk-AAT. Trojan.Ransomlock!gen4 can attack most versions of Windows, such as Windows 2K, XP, NT and Server 2003.

Risks from Trojan.Ransomlock!gen4 attacks can vary due to the nature of the Trojan itself, as well as due to instructions that Trojan.Ransomlock!gen4 may receive from control servers. SpywareRemove.com malware experts forewarn against the following possibilities:
  • Having Windows locked and being unable to access any meaningful programs or functions. This is usually accompanied by some form of request for money (which is the ‘ransom’ part of the ‘ransomlock’ moniker). Under no circumstances should you pay this fee instead of deleting Trojan.Ransomlock!gen4 with suitable security software.
  • Having security and anti-malware programs blocked. Methods of working around this Trojan.Ransomlock!gen4 attack include using a Safe Mode boot, booting from a USB device or renaming the program file to a generic file name like ‘explorer.exe.’
  • Experiencing browser hijacks that create pop-ups or redirect your browser to unsafe websites.
  • Noticing the presence of unusual and malicious types of software, such as fake AV programs, spyware programs, worms or viruses.
  • Experiencing a loss of private data (such as passwords or account login names) to hackers who will use this information for criminal purposes.


Trojan.Ransomlock!gen4 Automatic Detection Tool (Recommended)


Is your PC infected with Trojan.Ransomlock!gen4? To safely & quickly detect Trojan.Ransomlock!gen4, we highly recommend you run the malware scanner listed below.



Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 file.exe 593
    2 file.exe 506
Posted: November 2, 2011 | By
Share:
Follow Me on Pinterest More More
Threat Level: 9/10
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Rate this article:
Detection Count: 97
Home Malware ProgramsTrojans Trojan.Ransomlock!gen4

Leave a Reply

What is 3 + 5 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)