
Trojan.Shadowlock

By Sumo3000 in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 6
First Seen: July 9, 2013
Last Seen: March 7, 2020
OS(es) Affected: Windows


The Shadowlock ransomware infection is a dangerous Winlocker that takes over the victim's computer and holds it for ransom. Shadowlock differs from many other ransomware Trojans in that it demands that the victim fill out online surveys in order to generate revenue. While most other ransomware Trojans demand payment through an online payment service like Ukash or MoneyPak, ESG security researchers have noted that many newer ransomware infections are resorting to online surveys and similar scams for more immediate monetization. There are several advantages to this type of scam. As Police Ransomware scams have become more common and computer users have become more educated about these types of attacks, those scams have started to become less effective. The fact that they incapacitate the infected computer completely also makes them less effective in the long run for making money.

Since Shadowlock and similar ransomware infections allow the computer user access to the infected computer after filling out surveys, inexperienced computer users are less likely to remove these types of infections, despite the damage that they do to the infected computer. It is important to note that you should remove Shadowlock or any ransomware infection on your computer using a reliable anti-malware program. Apart from scamming you and trying to steal your money, Shadowlock and similar threats can expose you to numerous other malware threats, compromise your private data and cause severe performance problems on your computer.

The Traps Behind the Surveys Presented by Shadowlock

Shadowlock is often found being distributed on underground hacker forums, where it is advertised as a way to force victims to fill out surveys to unlock their computers. Once a computer has been infected with Shadowlock, the malware displays a pop-up window claiming that the victim needs to enter an unlock code in order to gain access to the infected computer. To obtain one of these unlock codes, the victim has to fill out an online survey. While Shadowlock is displaying its pop-up window, the victim cannot access any files or components on the infected computer, including the Start Menu and the Task Manager. System Restore will also not remove Shadowlock. Effectively, Shadowlock takes the victim's computer hostage and refuses to give up control until the computer user fills out the scam surveys.

File System Details

Trojan.Shadowlock may create the following file(s):
1. %AppData%\Cores.exe
2. %Temp%\[5 RANDOM LETTERS].exe
3. %AppData%\tmps.tmp

Registry Details

Trojan.Shadowlock may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"Cores" = "%AppData%\Cores.exe"
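
The file and registry indicators above can be checked against an endpoint inventory. The following is an added example, not code from this database entry or from any vendor tool; the record format (dicts with type/path/hive/name/data) and the default Vista-and-later profile layout are assumptions, and the sample inventory is constructed.

```python
import re

# Default per-user locations on Windows Vista and later (assumption; a
# redirected profile or a Windows XP layout needs different prefixes).
APPDATA = r"(?:%appdata%|[a-z]:\\users\\[^\\]+\\appdata\\roaming)\\"
TEMP = r"(?:%temp%|[a-z]:\\users\\[^\\]+\\appdata\\local\\temp)\\"
# (label, strength, pattern) for the three file paths listed on this page.
FILE_IOCS = [
    ("AppData Cores.exe", "strong", re.compile(APPDATA + r"cores\.exe$")),
    ("AppData tmps.tmp", "strong", re.compile(APPDATA + r"tmps\.tmp$")),
    # "5 random letters" also fits benign files, so it only counts as weak.
    ("Temp 5-letter exe", "weak", re.compile(TEMP + r"[a-z]{5}\.exe$")),
]
RUN_TARGET = re.compile(APPDATA + r"cores\.exe$")

def norm(path):
    """Lower-case, strip quotes and whitespace, unify slashes."""
    return path.strip().strip('"').replace("/", "\\").lower()

def triage(records):
    """Return (strength, label, original value) for every matching record."""
    hits = []
    for rec in records:
        if rec["type"] == "file":
            p = norm(rec["path"])
            hits += [(s, lab, rec["path"]) for lab, s, pat in FILE_IOCS if pat.match(p)]
        elif rec["type"] == "run" and rec["hive"] == "HKCU":
            if rec["name"].lower() == "cores" and RUN_TARGET.match(norm(rec["data"])):
                hits.append(("strong", "HKCU Run Cores", rec["data"]))
    return hits

def verdict(hits):
    """'likely' on any strong hit, 'review' on weak hits only, else 'clean'."""
    strengths = {h[0] for h in hits}
    return "likely" if "strong" in strengths else "review" if strengths else "clean"

# Constructed sample inventory (hypothetical record format), not real telemetry.
SAMPLE = [
    {"type": "file", "path": r"C:\Users\alice\AppData\Roaming\Cores.exe"},
    {"type": "file", "path": r"C:\Users\alice\AppData\Local\Temp\qzkwp.exe"},
    {"type": "file", "path": r"C:\Users\alice\AppData\Local\Temp\setup1.exe"},
    {"type": "run", "hive": "HKCU", "name": "Cores", "data": r'"%AppData%\Cores.exe"'},
    {"type": "run", "hive": "HKCU", "name": "OneDrive", "data": r"C:\Program Files\OneDrive\OneDrive.exe"},
]

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(*hit)
    print("verdict:", verdict(triage(SAMPLE)))
```

A five-letter executable in the Temp folder on its own yields only "review", since that pattern is too loose to confirm an infection without one of the other indicators.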
