Trojan:HTML/Ransom.A
Posted: May 9, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 61 |
| First Seen: | May 9, 2012 |
|---|---|
| OS(es) Affected: | Windows |
Trojan:HTML/Ransom.A is an HTML component of the Ukash Virus family, a group of ransomware Trojans that lock down the infected PC and display misleading pop-up alerts that claim to be from a regional legal entity (such as the Metropolitan Police). Although Trojan:HTML/Ransom.A's pop-up text will attempt to lure you into paying a ransom to wiggle out of this lock down, SpywareRemove.com malware researchers stress that Trojan:HTML/Ransom.A-related PC threats are incapable of detecting the crimes that have supposedly been connected to your PC and aren't linked to any form of legal authority. Since Trojan:HTML/Ransom.A's pop-up will block you from using other programs until the accompanying Trojan is deleted, it's suggested for you to use any one of several methods (such as booting into Safe Mode or booting from a removable hard drive) to disable Trojan:HTML/Ransom.A and the related ransomware Trojan before you scan your computer with suitable anti-malware software.
Trojan:HTML/Ransom.A: a Trojan Pop-Up from Sea to Shining Sea (and Everywhere Else, Too)
Trojan:HTML/Ransom.A is the pop-up component of a family of ransomware Trojans that specialize in masquerading as law enforcement for cyber crimes. Most Trojans from Trojan:HTML/Ransom.A's family (such as Bundespolizei National Cyber Crimes Unit Ransomware, the Strathclyde Police Ukash Virus, the Scotland Yards Ukash Virus, Police Nationale FR Ransomware, Royal Canadian Mount Police (RCMP) Ransomware or Police Central e-crime Unit (PCEU) ransomware) will lock down your PC and prevent you from using any major functions or programs until you've transferred a sizable fee via Ukash or Paysafecard. The text of Trojan:HTML/Ransom.A's alert will attempt to imply that Trojan:HTML/Ransom.A is part of a regional law enforcement agency that's conducting this attack as a form of legal action, but SpywareRemove.com malware experts note that Trojan:HTML/Ransom.A is never connected with any type of real legal entity.
Because the contents of Trojan:HTML/Ransom.A's warnings can vary by country, you may find unusually personal details in its fake alert, which can even include your IP address. Another fact worth noting is that Trojan:HTML/Ransom.A's text typically accuses the victim of being involved in some form of highly embarrassing media-viewing activity, such as child pornography, although SpywareRemove.com malware experts have found that other forms of warnings (such as threats against illicit music file transfers) have also emerged in recent variants of Trojan:HTML/Ransom.A's Trojans.
Peeling Back Trojan:HTML/Ransom.A's Warning Window to Find Your Perfectly Intact PC Beneath It
While Trojan:HTML/Ransom.A is insistent that you should pay a heavy fee for its removal, SpywareRemove.com malware researchers note that this is unnecessary to regain access to your computer. Unlike most ransomware Trojans, Trojan:HTML/Ransom.A-related Trojans don't attempt to make any serious attacks against your PC, other than displaying Trojan:HTML/Ransom.A to block you from using the rest of the Windows interface. Due to the simplistic nature of this attack, you can circumvent it and use suitable anti-malware programs to delete Trojan:HTML/Ransom.A and its fellow Ukash Virus by using any of the following tactics, all of which are recommended by SpywareRemove.com malware researchers:
- Launching Windows in Safe Mode, which can disable many PC threats that use basic Registry-based startup exploits, including Trojans that are linked to Trojan:HTML/Ransom.A.
- Booting Windows from a removable hard drive or a network-shared hard drive.
- Booting to a separate operating system – SpywareRemove.com malware experts note non-Windows OSes as particularly ideal for the purpose of shutting down Trojan:HTML/Ransom.A, since Ukash Viruses are specific to Windows platforms.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.