Doctor Web warns of file block Trojan

December 12, 2008

Doctor Web reports the discovery of a new Trojan, Trojan.Locker.8, that emerged on the Internet on December 9, 2008. This malicious program blocks access to files and folders on a hard drive and invites the victim to contact the malware's authors for instructions on regaining access to their information.

The two-megabyte Trojan file, packed with ASPack, is rather large for malware. When the Trojan is launched, a key generator window appears on the screen. While the window has nothing to do with the actual activities of the malicious program, it shows that Trojan.Locker.8 can be disguised as a key generator designed by crackers to activate software products by Adobe Systems.

Key generator for Adobe Systems products

Once launched, Trojan.Locker.8 renames files and folders on all disk partitions except the system partitions. The new file names violate Windows file naming standards, so the files become inaccessible even though their content is unchanged. After that, the program creates a copy of itself (answer.exe) on the desktop and on all partitions containing inaccessible files. Running the file shows a warning message that informs the user that their data has been locked and offers to unlock it if they contact the authors of the Trojan using the contact information provided in the message.

Files on the system drive also become inaccessible, including files placed in My Documents and on the desktop, even though the virus makers claim that no changes are made to the system drive.
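The renaming described above can be triaged from a raw directory listing. The following is an added example, not Doctor Web's utility or code from the article: it flags names that break the Win32 naming rules documented by Microsoft and spots the dropped answer.exe copy. The article does not say which rule the Trojan breaks, so the checker covers the documented rules in general; the function names and the sample listing are constructed for illustration.

```python
# Win32 naming rules as documented by Microsoft; which of them the
# Trojan breaks is not stated in the article (assumption: any of them).
RESERVED_CHARS = set('<>:"/\\|?*')
RESERVED_DEVICES = {"CON", "PRN", "AUX", "NUL"} | {
    f"{dev}{n}" for dev in ("COM", "LPT") for n in range(1, 10)
}
DROPPED_COPY = "answer.exe"  # name of the Trojan's copy, from the article


def win32_name_violations(name):
    """Return the Win32 naming rules broken by one path component."""
    if name in (".", ".."):
        return []  # normal self/parent directory entries
    if not name:
        return ["empty name"]
    problems = []
    if any(ord(c) < 32 for c in name):
        problems.append("control character")
    bad = sorted(set(name) & RESERVED_CHARS)
    if bad:
        problems.append("reserved character " + "".join(bad))
    if name[-1] in " .":
        problems.append("trailing space or period")
    # Device names are reserved with or without an extension (NUL.txt).
    stem = name.split(".", 1)[0].rstrip(" ").upper()
    if stem in RESERVED_DEVICES:
        problems.append("reserved device name " + stem)
    return problems


def triage(listing):
    """Split a listing into inaccessible names and dropped Trojan copies."""
    report = {"inaccessible": {}, "dropped_copies": []}
    for name in listing:
        problems = win32_name_violations(name)
        if problems:
            report["inaccessible"][name] = problems
        elif name.lower() == DROPPED_COPY:
            report["dropped_copies"].append(name)
    return report


# Constructed sample listing (hypothetical, not real victim data).
SAMPLE = ["report.doc", "photos ", "budget?.xls", "nul.txt", "notes.", "Answer.EXE"]

if __name__ == "__main__":
    result = triage(SAMPLE)
    for name, problems in result["inaccessible"].items():
        print(repr(name), "->", "; ".join(problems))
    print("dropped copies:", result["dropped_copies"])
```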

Doctor Web offers a free utility to unlock access to files in a system compromised by the Trojan. It can be downloaded from the official web-site of the company. Doctor Web strongly advises against contacting the virus makers.
