WHAT IS RANSOMWARE?

Ransomware is a type of malicious computer software that threatens the user to take some destructive or harmful actions. Ransomware demands the victim to pay up in order to stop it from running a payload or restore modified or stolen information. Typical parasites are usually trojans, malicious computer programs, which are disguised as harmless applications. Such pests get secretly installed to the system.

A typical payload of ransomware parasites is encrypting files containing important, vital data, deleting user sensitive information, corrupting the system or installed software, stealing confidential documents, user identity details, etc.

First of all, most ransomware parasites run a payload. Then they ask the user to pay the ransom in order to restore lost data or bring the system or installed software to its initial state. If the user pays up, he or she receives certain passwords, codes, special instructions or utilities that allow restoring the information or the system. In some cases, ransomware parasites make this automatically. However, one can never know whether the author of the parasite is actually going to remove the threat or just take user money. Navigate to ransomware parasites.

Newest Ransomware

CoinVault virus

November 21st, 2014. What is CoinVault virus? CoinVault virus is a very serious cyber threat that is used for stealing people's money. Similarly to CryptoGraphic Locker virus , FBI virus and many other ransomware threats, this virus is capable of encrypting various files that are kept on user's computer.... More...

FBI virus

November 6th, 2014. FBI virus is a sneaky malware, which can get into its target computer undetected with a help of Trojan.LockScreen . As soon as it gets inside, this scamware presents itself as 'The FBI Federal Bureau Investigation' and shows an aggressively-designed alert. This alert claims that computer... More...

SuperCrypt virus

November 4th, 2014. What is SuperCrypt virus? SuperCrypt virus is a dangerous ransomware that can easily infect the system without asking its owner's permission. Fortunately, you can hardly miss the fact that your computer was affected by such cyber threat because it blocks the system and starts showing a... More...

DATABASE OF Ransomware PARASITES

Total Ransomware parasites in our DB: 313


# | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

    28
    1
  • Smart HDD September 24th, 2013 | 2 Comments
    Smart HDD is a rogue optimization and defragmentation program. It reports false information about hard drive e...

  • 'Stop Online Piracy Automatic Protection System' October 9th, 2012 | 1 Comments
    'Stop Online Piracy Automatic Protection System' is a forged message, which should be ignored because it has n...

  • Abu Dhabi Police GHQ virus April 22nd, 2013 | 2 Comments
    Abu Dhabi Police GHQ virus is a dangerous ransomware threat, which should never be trusted and left on your co...

  • ACCDFISA Protection Program December 11th, 2012 | No Comments
    ACCDFISA Protection Program is a ransomware that locks your computer screen and pretends to encrypt your files...

  • AFP virus September 24th, 2013 | 2 Comments
    AFP virus is a ransomware infection, which can also be called as Australian Federal Police virus. If you have ...

  • Agencia Federal de Investigación virus September 24th, 2013 | No Comments
    Agencia Federal de Investigación virus (can also be called as Secretaría de Seguridad Púb...

  • AKM virus September 24th, 2013 | No Comments
    AKM virus (also called as AKM Ihr Computer ist Gesperrt virus or Autoren Komponisten Musikverleger virus) ...

  • All activities of this computer have been recorded October 30th, 2013 | No Comments
    'All activities of this computer have been recorded' is a fake alert that should never be trusted. No matter t...

  • An Garda Siochana virus October 23rd, 2014 | 9 Comments
    ‘An Garda Siochana' is the latest variant of Police virus that pretends to be sent by Ireland&rsquo...

  • Anonymous Ukash Virus November 7th, 2012 | No Comments
    Anonymous Ukash Virus is a ransomware threat, which belongs to a huge group of viruses that all share identica...

  • ANSSI virus July 6th, 2013 | No Comments
    ANSSI virus is a dangerous ransomware that should be avoided. If you want to feel safe, you should always make...

  • Antivirus XP Hard Disk Repair v9 January 23rd, 2012 | 1 Comments
    Antivirus XP Hard Disk Repair v9 is a ransom Trojan that pretends to be legitimate antivirus software. It stat...

  • Archiveus May 7th, 2006 | No Comments
    Archiveus is a typical ransomware trojan that encrypts user documents in the My Documents folder, and protects...

  • Arestocrat virus September 24th, 2013 | No Comments
    Arestocrat virus is a dangerous ransomware, which attacks poorly protected computers and locks them down after...

  • Arma dei Carabinieri virus August 12th, 2013 | No Comments
    Arma dei Carabinieri virus is a dangerous ransomware, which can easily infiltrate those computers that belong ...

  • Association Canadienne des Policiers virus November 15th, 2012 | No Comments
    Association Canadienne des Policiers virus is a ransomware infection, which belongs to Ukash group of viruses....

  • Asterope Locker virus September 17th, 2014 | No Comments
    What is Asterope Locker virus? Asterope Locker virus is a dangerous ransomware, which is used for s...

1 | | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | NEXT

WAYS OF INFECTION

Several ransomware parasites are able to propagate themselves and infect the system without user knowledge. Others must be manually installed as any other software with or without user explicit consent. There are three major ways unsolicited parasites can get into the system.

1. Most ransomware parasites get installed by other threats like worms or trojans. They get into the system without user knowledge and consent and affect everyone who uses a compromised computer. Some threats can be manually installed by malicious computer users who have sufficient privileges for the software installation.

2. Many ransomware pests are distributed by e-mail and through file sharing networks. They arrive in files attached to e-mail messages, come embedded into letters or get downloaded using peer-to-peer applications. These risks have unsuspicious names, and therefore can trick a user into opening or executing them. Once the user opens such letter or file, the ransomware parasite silently installs itself to the system.

3. Some trojans that install ransomware parasites infect certain system and software files. The user may receive such files from trusted sources. Once such a file is executed, a trojan quietly installs itself to the system and drops a ransomware threat.

Ransomware affects mostly computers running Microsoft Windows operating system. Less prevalent threats are created to work on other popular platforms.

WHAT RANSOMWARE DOES?

- Encrypts user sensitive documents, multimedia objects or any other files containing important information. Leaves only encrypted data, usually deleting the original files.
- Deletes user documents, multimedia objects or any other files containing important information.
- Corrupts the entire system or installed software by deleting essential system components or important parts of installed software.
- Steals login names, passwords, valuable personal documents, identity data and other user sensitive information.
- Sends all gathered data to a predefined e-mail address, uploads it to a predetermined FTP server or transfers it through a background Internet connection to a remote host.
- Freezes the system making it complete unusable.
- Discloses user identity or any other confidential information without user knowledge and consent.
- Rapidly terminates active antivirus, anti-spyware and security-related software processes, disables essential system services and prevents standard system tools from running.
- Degrades overall system performance, decreases system security and causes software instability. Some parasites are badly programmed, they waste too much computer resources and conflict with installed applications.
- Provides no uninstall feature, hides processes, files and other objects in order to complicate its removal as much as possible.
- Demands to pay the ransom.

RANSOMWARE EXAMPLES

Ransomware parasites are not widely spread threats and all have practically identical functionality. The following examples illustrate typical nuker behavior.

Ransom is a trojan that threatens to delete important files until the user pays the ransom. Once executed, the parasite installs itself to the system, displays some pornographic images and shows a message threatening to delete one file related to installed software or containing user sensitive information every 30 minutes, until the ransom ($10.99) is fully paid. The trojan explains what it does and demands to transfer the money to the hacker's account. After the user transfers the money, he or she receives a specific number, which allows to uninstall the parasite. Ransom is able to prevent its removal. It launches multiple processes and displays messages when the user tries to terminate the trojan.

Archiveus is a typical ransomware trojan that encrypts user documents in the My Documents folder, and protects encrypted files with a password. The parasite deletes original files and leaves only encrypted archives. If the user opens such an archive, Archiveus displays a message asking the user to enter the password, which can be obtained after paying the ransom by purchasing pharmacy online.

CONSEQUENCES OF RANSOMWARE INFECTION

Typical ransomware parasites are very dangerous. Although they usually do not self-replicate and even inform the user about what they are doing, such threats can make all your vital information inaccessible, steal your valuable data and destroy the entire system, if you will not pay up.

Nevertheless, it is highly not recommended to pay ransomware makers for removing their parasites and restoring your information and the system. In most cases you will not receive any passwords, special codes or utilities for removing the infection and restoring your data. The attacker simply will not give them to you, as he has already got what he needed - your money.

Even if the attacker will help you to remove the parasite and restore your data, he still might have your information, which can be used for malicious purposes. This information could be retrieved with the help of installed ransomware pests.

HOW TO REMOVE RANSOMWARE?

In case of the ransomware infection, do not pay up immediately! Also do not believe in messages stating that the parasite, your system is infected with, is virtually impossible to get rid of, and encrypted, deleted or stolen data cannot be restored without the help from the ransomware author. Usually, such statements are deceptive. Ransomware makers use simple ways to make your data inaccessible. Most antivirus and anti-spyware companies successfully analyze ransomware and find working solutions to remove it and restore victim files, etc. Wait until security software companies will release the updates and then give your system a thorough scan. Most antiviruses and advanced anti-spyware programs will remove the infection, restore your system, your files and important information.

As it was said above, most ransomware parasites are usually trojans, and therefore can be found and removed with the help of effective antivirus products like Symantec Norton AntiVirus, Kaspersky Anti-Virus, Eset NOD32 Antivirus, McAfee VirusScan, eTrust EZ Antivirus, Panda Titanium Antivirus, AVG Anti-Virus. Some advanced spyware removers, which are able to scan the system in a similar way antivirus software does and have extensive parasite signature databases can also detect and remove ransomware and related malicious components. Powerful anti-spyware solutions such as SpyHunter, Spyware Doctor, Spy Sweeper, Ad-Aware SE or eTrust PestPatrol are known for quite fair trojan and ransomware detection and removal capabilities.

Additional resources related to Ransomware:

Attention: If you know or you have a website or page about Ransomware removal, feel free to add a link to this list: add url



more resources
Like us on Facebook
News
Subscribe
Ask us
Parasites
Tags
Files
What's your antispyware?
Compare
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!