
Trojan.Ransomlock.G

Posted: November 12, 2012

Threat Metric

Threat Level: 10/10
Infected PCs: 49
First Seen: November 12, 2012
Last Seen: February 26, 2021
OS(es) Affected: Windows

Trojan.Ransomlock.G is a detection name for a variant of Reveton, the family of ransomware Trojans responsible for countless attacks against first-world countries, Europe in particular. Like every Reveton-based Trojan, Trojan.Ransomlock.G locks the desktop behind a full-screen message that claims to come from a law enforcement agency and demands that you pay a 'fine' before it will unlock your machine. SpywareRemove.com security analysts note several reasons not to pay: most importantly, Trojan.Ransomlock.G is criminal software that makes no attempt to detect any offence on your part, and paying its fine is no guarantee that it will unlock anything. Whenever you see Trojan.Ransomlock.G or any other member of the Reveton family on your computer, disable and remove it with an appropriate anti-malware product.

Why Trojan.Ransomlock.G's 'FBI' May As Well Mean 'For Breaking In'

Reveton-based ransomware Trojans like Trojan.Ransomlock.G are a staggeringly prolific group of PC threats, and the family is localized for many countries: each build names the police agency of the country it targets and is served to victims there. Trojan.Ransomlock.G's attacks appear to be specific to the United States, but SpywareRemove.com malware researchers also are familiar with equivalent attacks against Canada, most of Europe and parts of the Middle East, exemplified by ransomware Trojans like Guardia di Finanza Ransomware, Poliisi, Tietoverkkorikos Tutkinnan Yksikkö Ransomware, Bundespolizei National Cyber Crimes Unit Ransomware, the Cuerpo Nacional de Policia Virus and the Polícia de Segurança Pública Portuguese Virus.

After Trojan.Ransomlock.G launches (without your permission), it covers your screen with a borderless browser window. This HTML pop-up is designed to look like a warning from the United States FBI and claims that your PC has been blocked because it has been associated with online crimes, such as visiting illegal sites or downloading pirated files. To reinforce the impression of legal surveillance, Trojan.Ransomlock.G also may display your own webcam feed to make you believe that the authorities are watching you.

The bottom line of Trojan.Ransomlock.G's attack is that it insists on the victim transferring money via MoneyPak. SpywareRemove.com malware researchers have found MoneyPak to be one of the favored payment methods for ransomware Trojans targeting the United States, much as Ukash and Paysafecard are for Europe. No law enforcement agency collects fines through prepaid vouchers, so the payment demand itself is an easy tip-off that Trojan.Ransomlock.G is illegal and malicious software.

Breaking Trojan.Ransomlock.G's Lock with the Full Support of the Law

Since Trojan.Ransomlock.G has no connection to the real FBI and is installed without any attempt to detect criminal activity on the part of its victims, you have nothing to fear from removing Trojan.Ransomlock.G and ignoring all of its fake legal alerts. However, like most screen-locking ransomware, Trojan.Ransomlock.G can be difficult to remove by casual means: its full-screen window blocks you from using other programs and, indeed, most of the Windows interface.

SpywareRemove.com malware researchers can recommend a way around this problem: boot the computer into Safe Mode, or boot it from a rescue USB device. Safe Mode does not process the Startup folder or the Run keys, so the shortcut the Trojan drops in the per-user Startup folder (ctfmon.lnk, listed under Technical Details) never fires, and a rescue USB never loads the infected Windows at all. Either approach should be sufficient for disabling Trojan.Ransomlock.G and letting you run any anti-malware programs that it may have blocked. Since Trojan.Ransomlock.G also changes your browser's security settings (the Internet Explorer zone values listed under Registry Modifications, which turn off Protected Mode and silence the warning bar that would report it), you should scan the entire PC and review those settings when removing a Trojan.Ransomlock.G infection; this will ensure, as far as possible, that all of Trojan.Ransomlock.G's changes and hidden components are removed.

Aliases

W32/Foreign.CEVI!tr [Fortinet]
Mal/Generic-S [Sophos]
TR/Ransom.Foreign.cevi [AntiVir]
Trojan-Ransom.Win32.Foreign.cevi [Kaspersky]
Win32:Reveton-QK [Trj] [Avast]
Generic Trojan [Panda]
Ransomer.AOD [AVG]
W32/Reveton.H [Fortinet]
Trojan-Ransomer.AOD [Ikarus]
TR/Agent.174080.21 [AntiVir]
Mal/EncPk-AHC [Sophos]
Gen:Trojan.Heur.LP.kq4@a4@xK4o [BitDefender]
HEUR:Trojan.Win32.Generic [Kaspersky]
Win32:Malware-gen [Avast]
Riskware [K7AntiVirus]

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Trojan.Ransomlock.G may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.


Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created on the system. Note that two of the names borrow from legitimate Windows components (csrss and ctfmon) but sit in user-writable locations, a Temp folder and the per-user Startup folder, where the genuine csrss.exe and ctfmon.exe never live:

%SystemDrive%\Documents and Settings\vcrittenden\Local Settings\Temp\csrss.dll
    File name: csrss.dll
    Size: 274.43 KB (274432 bytes)
    MD5: 4436e342dfd499331a2b883f903584c2
    Detection count: 52
    File type: Dynamic link library
    Mime Type: unknown/dll
    Path: %SystemDrive%\Documents and Settings\vcrittenden\Local Settings\Temp
    Group: Malware file
    Last Updated: November 19, 2012

%SystemDrive%\Users\<username>\AppData\Local\Temp\3f62edfe.dll
    File name: 3f62edfe.dll
    Size: 174.08 KB (174080 bytes)
    MD5: 48c1195feeefc0ea61db3e4960b55700
    Detection count: 23
    File type: Dynamic link library
    Mime Type: unknown/dll
    Path: %SystemDrive%\Users\<username>\AppData\Local\Temp
    Group: Malware file
    Last Updated: January 8, 2013

%TEMP%\icq.dll
    File name: icq.dll
    Size: 176.12 KB (176128 bytes)
    MD5: 01752ce0be21fda7103c357c63c63d10
    Detection count: 7
    File type: Dynamic link library
    Mime Type: unknown/dll
    Path: %TEMP%
    Group: Malware file
    Last Updated: January 5, 2013

%ALLUSERSPROFILE%\4t9t.dat
    File name: 4t9t.dat
    Size: 126.97 KB (126976 bytes)
    MD5: 2351741fb135a3c92951b12172f9b2ab
    Detection count: 7
    File type: Data file
    Mime Type: unknown/dat
    Path: %ALLUSERSPROFILE%
    Group: Malware file
    Last Updated: May 22, 2014

%SystemDrive%\Documents and Settings\kghale\Local Settings\Temp\wpbt0.dll
    File name: wpbt0.dll
    Size: 194.94 KB (194944 bytes)
    MD5: 86d6eca1b5db9fb0fa554cc5cb26ec58
    Detection count: 5
    File type: Dynamic link library
    Mime Type: unknown/dll
    Path: %SystemDrive%\Documents and Settings\kghale\Local Settings\Temp
    Group: Malware file
    Last Updated: December 17, 2012

%UserProfile%\Application Data\nur-xcp-sabb.pad
    File name: nur-xcp-sabb.pad
    Mime Type: unknown/pad
    Group: Malware file

%UserProfile%\Start Menu\Programs\Startup\ctfmon.lnk
    File name: ctfmon.lnk
    File type: Shortcut
    Mime Type: unknown/lnk
    Group: Malware file
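To turn the table above into something you can run during triage, here is an added example (not SpywareRemove.com's own tooling): a Python sweep that hashes every file under %TEMP%, %ALLUSERSPROFILE% and the per-user Startup folder and reports matches against the page's (name, size, MD5) entries. The matching logic is kept separate from disk access so it can be exercised on constructed records. Assumptions: both the Vista-and-later and the XP Startup-folder layouts are tried; the two files the page lists without a hash (nur-xcp-sabb.pad and ctfmon.lnk) are matched on name only and reported as weaker evidence; MD5 is used only because that is the digest the page publishes.

```python
"""IOC sweep for the files listed under "File System Modifications".

Added example, not SpywareRemove.com's own tooling. Hashes every regular file
under the directories the page names and reports matches against the page's
(name, size, MD5) entries. Matching is a pure function so it can be tested on
constructed records without touching the disk.
"""
from __future__ import annotations

import hashlib
import os
from dataclasses import dataclass
from pathlib import Path
from typing import Iterable, Iterator, Optional

# Copied from the page's file table: MD5 -> (file name, size in bytes).
FILE_IOCS = {
    "4436e342dfd499331a2b883f903584c2": ("csrss.dll", 274432),
    "48c1195feeefc0ea61db3e4960b55700": ("3f62edfe.dll", 174080),
    "01752ce0be21fda7103c357c63c63d10": ("icq.dll", 176128),
    "2351741fb135a3c92951b12172f9b2ab": ("4t9t.dat", 126976),
    "86d6eca1b5db9fb0fa554cc5cb26ec58": ("wpbt0.dll", 194944),
}
# Listed on the page without size or hash, so only the name can be matched.
NAME_ONLY_IOCS = {"nur-xcp-sabb.pad", "ctfmon.lnk"}


@dataclass(frozen=True)
class Record:
    path: str   # full path as seen on disk (Windows or POSIX separators)
    size: int   # bytes
    md5: str    # hex digest, any case


@dataclass(frozen=True)
class Hit:
    path: str
    confidence: str   # "hash" (bytes identical to a listed file) or "name" (name only)
    detail: str


def classify(rec: Record, iocs=FILE_IOCS, name_iocs=NAME_ONLY_IOCS) -> Optional[Hit]:
    """Pure matching logic: MD5 first, then the name-only indicators."""
    # Split on either separator so Windows paths classify correctly on any host.
    name = rec.path.replace("\\", "/").rsplit("/", 1)[-1].lower()
    ioc = iocs.get(rec.md5.lower())
    if ioc is not None:
        ioc_name, ioc_size = ioc
        renamed = "" if name == ioc_name else f" (page lists it as {ioc_name}, {ioc_size} bytes)"
        return Hit(rec.path, "hash", f"MD5 {rec.md5.lower()} matches a listed file{renamed}")
    if name in name_iocs:
        return Hit(rec.path, "name", "name listed on the page without a hash; confirm by inspection")
    return None


def md5_of(path: Path, chunk: int = 1 << 16) -> str:
    h = hashlib.md5()
    with path.open("rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def walk_records(dirs: Iterable[Path]) -> Iterator[Record]:
    """Yield a Record for every regular file below each directory; symlinks are skipped."""
    for d in dirs:
        if not d.is_dir():
            continue
        for root, _subdirs, files in os.walk(d):
            for fn in files:
                p = Path(root) / fn
                if p.is_symlink() or not p.is_file():
                    continue
                try:
                    yield Record(str(p), p.stat().st_size, md5_of(p))
                except OSError:
                    # Unreadable or locked; a DLL in Temp that cannot be opened is itself worth a look.
                    continue


def default_dirs() -> list[Path]:
    """%TEMP%, %ALLUSERSPROFILE% and the per-user Startup folder.
    Assumption: both the Vista-and-later and the XP Startup layouts are tried."""
    env = os.environ
    home = Path(env.get("USERPROFILE", str(Path.home())))
    return [
        Path(env.get("TEMP", str(home / "AppData" / "Local" / "Temp"))),
        Path(env.get("ALLUSERSPROFILE", r"C:\ProgramData")),
        home / "AppData" / "Roaming" / "Microsoft" / "Windows" / "Start Menu" / "Programs" / "Startup",
        home / "Start Menu" / "Programs" / "Startup",
    ]


def scan(dirs: Iterable[Path]) -> list[Hit]:
    return [hit for rec in walk_records(dirs) if (hit := classify(rec)) is not None]


if __name__ == "__main__":
    for hit in scan(default_dirs()):
        print(f"[{hit.confidence}] {hit.path}: {hit.detail}")
```

Run it from Safe Mode or from a rescue environment, since on a live infected desktop the lock screen may stop you from opening a console at all. A "hash" hit is conclusive for the file in question; a "name" hit on ctfmon.lnk should be confirmed by reading the shortcut's target, which on an infected system points at the dropped DLL rather than at the genuine ctfmon.exe in System32.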

Registry Modifications

The following newly produced Registry values are (all under HKEY_CURRENT_USER, so they take effect for the infected user account only):

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"NoProtectedModeBanner" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\"2500" = "3"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\"2500" = "3"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\"2500" = "3"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\"2500" = "3"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\"2500" = "3"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\"1609" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\"1609" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\"1609" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\"1609" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\"1609" = "0"

In Internet Explorer's zone settings, value 2500 is "Turn on Protected Mode" (0 = on, 3 = off) and value 1609 is "Display mixed content" (0 = enable, 1 = prompt, 3 = disable). Writing 2500 = 3 into every zone (0 Local Machine, 1 Intranet, 2 Trusted Sites, 3 Internet, 4 Restricted Sites) disables Protected Mode across the board, writing 1609 = 0 lets plain-HTTP content load silently inside HTTPS pages, and NoProtectedModeBanner = 1 suppresses the information bar that would otherwise tell the user Protected Mode is off. These are the browser security changes referred to above and should be reverted after the Trojan itself is removed.
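To check a machine for the same changes and produce the reversal, here is an added example (not SpywareRemove.com's code) that parses a .reg export, flags the three patterns listed above and emits a .reg fragment that restores the values. It assumes reg.exe's UTF-16 export format, the documented meanings of the two IE URL-action values (2500 = Turn on Protected Mode, 0 on / 3 off; 1609 = Display mixed content, 0 enable / 1 prompt / 3 disable) and, purely as a severity heuristic, that Protected Mode is normally off in the Local Machine and Trusted Sites zones. The sample export embedded in it is constructed for illustration, not captured from a real machine.

```python
"""Audit an exported .reg file for the Internet Explorer zone changes listed above.

Added example, not SpywareRemove.com's code. Export the live keys with
    reg export "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones" zones.reg
    reg export "HKCU\Software\Microsoft\Internet Explorer\Main" iemain.reg
(reg.exe writes UTF-16) and run: python audit_ie_zones.py zones.reg iemain.reg
With no arguments the constructed SAMPLE_REG below is audited instead.
"""
from __future__ import annotations

import re
import sys
from dataclasses import dataclass

ZONES_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones"
IE_MAIN_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main"
ZONE_NAMES = {0: "Local Machine", 1: "Intranet", 2: "Trusted Sites", 3: "Internet", 4: "Restricted Sites"}

# value name -> (value the Trojan writes, what it means, dword to write back)
#   2500 = Turn on Protected Mode (0 on, 3 off); 1609 = Display mixed content (0 enable, 1 prompt, 3 disable)
WEAK = {
    "2500": (3, "Protected Mode turned off", "00000000"),
    "1609": (0, "plain-HTTP content loads silently inside HTTPS pages", "00000001"),
}
# Assumption for severity only: Protected Mode is normally off in these zones, so 2500=3 there is "info".
PM_OFF_BY_DEFAULT = {0, 2}

# Constructed sample export (not from a real machine): Internet zone carries the page's values,
# Intranet is untouched, Trusted Sites has only the Protected Mode change, banner value is set.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"NoProtectedModeBanner"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]
"2500"=dword:00000000
"1609"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"2500"=dword:00000003

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"2500"=dword:00000003
"1609"=dword:00000000
"""


@dataclass(frozen=True)
class Finding:
    key: str
    name: str
    value: int
    severity: str   # "weak" or "info"
    why: str
    restore: str    # dword hex to write back; "" means delete the value


_KEY_RE = re.compile(r"^\[([^\]]+)\]\s*$")
_DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})\s*$')


def parse_reg(text: str) -> dict[str, dict[str, int]]:
    """Minimal .reg reader: {key: {value name: int}} for dword values only."""
    out: dict[str, dict[str, int]] = {}
    current = None
    for line in text.lstrip("\ufeff").splitlines():
        m = _KEY_RE.match(line)
        if m:
            current = m.group(1)
            out.setdefault(current, {})
            continue
        m = _DWORD_RE.match(line)
        if m and current is not None:
            out[current][m.group(1)] = int(m.group(2), 16)
    return out


def find_weak_settings(text: str) -> list[Finding]:
    findings: list[Finding] = []
    zone_prefix = ZONES_KEY.lower() + "\\"
    for key, values in parse_reg(text).items():
        if key.lower() == IE_MAIN_KEY.lower() and values.get("NoProtectedModeBanner") == 1:
            findings.append(Finding(key, "NoProtectedModeBanner", 1, "weak",
                                    "information bar warning that Protected Mode is off is suppressed", ""))
        if key.lower().startswith(zone_prefix) and key[len(zone_prefix):].isdigit():
            zone = int(key[len(zone_prefix):])
            for name, (bad, why, restore) in WEAK.items():
                if values.get(name) == bad:
                    sev = "info" if name == "2500" and zone in PM_OFF_BY_DEFAULT else "weak"
                    findings.append(Finding(key, name, bad, sev, f"{ZONE_NAMES.get(zone, zone)} zone: {why}", restore))
    return findings


def remediation_reg(findings: list[Finding]) -> str:
    """Emit a .reg fragment that restores each flagged value (or deletes it with "=-")."""
    by_key: dict[str, list[Finding]] = {}
    for f in findings:
        by_key.setdefault(f.key, []).append(f)
    lines = ["Windows Registry Editor Version 5.00", ""]
    for key, fs in by_key.items():
        lines.append(f"[{key}]")
        lines += [f'"{f.name}"=dword:{f.restore}' if f.restore else f'"{f.name}"=-' for f in fs]
        lines.append("")
    return "\n".join(lines)


if __name__ == "__main__":
    text = SAMPLE_REG if len(sys.argv) == 1 else "\n".join(open(p, encoding="utf-16").read() for p in sys.argv[1:])
    found = find_weak_settings(text)
    for f in found:
        print(f"[{f.severity}] {f.key}\\{f.name} = {f.value}: {f.why}")
    print(remediation_reg(found))
```

The remediation fragment puts 1609 back to "prompt", the conservative choice; change the restore value to 00000003 if your baseline disables mixed content outright. Restoring only the flagged values does not undo anything else the Trojan changed, which is why the removal advice above still calls for a full scan.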