Trojan.Reveton.F belongs to an infamous Reveton group of ransomware Trojans which infect unprotected Windows systems all over the world. The sinister program travels with the help of clandestine drive-by downloads, immediately after which it presents with an unauthorized computer’s lock down. The ransomware application can change Internet settings, drop malignant files to the Local Disk, inject codes into chrome.exe, firefox.exe, iexplore.exe or opera.exe and ever terminate the Task Manager in order to circumvent the removal. Regardless, you need to remove Trojan.Reveton.F from the computer right away and this report will help you get rid of the horrendous infection within minutes.
It has been found out that the malicious program can contact remote servers (e.g. 220.127.116.11 and whatwillber.com) and download malignant files to execute highly illicit processes. If the PC was infected with FileMem.dll, schemers could steal your personal data, which could be used in additional scams. Another dangerous component install_0_msi.exe, or roper0dun.exe, could be used to add programs to the system’s auto-start or could be utilized as a rootkit. This would make it impossible to detect and delete Trojan.Reveton.F from the computer. Despite this, the most dangerous component of the bunch is Lock.dll, which can lock-down your PC and display bogus, misleading notifications.
Many Windows users who are in the same position as you will recognize the computer’s infection by other names, including Polska Policja virus, L’accès à votre ordinateur a été fermé Virus or Polícia de Segurança Pública Portuguesa Virus. You might also come across Ukash virus or Paysafecard virus names, which have been attributed to the ransomware infections that actually are a part of the Trojan.Reveton.F. This is due to the fact that the Trojan is an invisible program that displays different interfaces, depending on your current location.
Once the Trojan is infiltrated into the operating system, cyber criminals can discover your IP address and, according to your country and your language, can display localized notifications. The alert you are presented with is completely fictitious; however, you will be forced to think that it has been sent to you by legal, law enforcement institutions. The bogus warning will claim that you have broken certain laws and that you need to use Ukash, Paysafecard or Green dot Moneypak to pay a fine. Needles to say, this is fictional, and if you pay the demanded sum of money, there is no guarantee that your PC will be unlocked.
An example of a fictitious Trojan.Reveton.F screen-locking notification:
The process of illegal activity is detected. According to UK law and Metropolitan Police Service and Strathclyde Police investigation your computer is locked! […] To release a lock your computer you should pay the fine in amount of £ 100. In the case of ignoring the payment, the program will remove illegal materials while keeping your personal information is not guaranteed.
The fake warning will appear on your screen every time you turn on the PC. This, however, does not mean that it is impossible to remove Trojan.Reveton.F. If you follow the instructions below you will be able to unlock the screen and delete the infection with the assistance of automatic removal tool SpyHunter. Manual removal is not something you should get involved in because the Trojan has rootkit capabilities and could regenerate if you do not delete all existing components.
Windows Vista and Windows 7: