Ransomware is a type of malicious computer software that threatens the user to take some destructive or harmful actions. Ransomware demands the victim to pay up in order to stop it from running a payload or restore modified or stolen information. Typical parasites are usually trojans, malicious computer programs, which are disguised as harmless applications. Such pests get secretly installed to the system.

A typical payload of ransomware parasites is encrypting files containing important, vital data, deleting user sensitive information, corrupting the system or installed software, stealing confidential documents, user identity details, etc.

First of all, most ransomware parasites run a payload. Then they ask the user to pay the ransom in order to restore lost data or bring the system or installed software to its initial state. If the user pays up, he or she receives certain passwords, codes, special instructions or utilities that allow restoring the information or the system. In some cases, ransomware parasites make this automatically. However, one can never know whether the author of the parasite is actually going to remove the threat or just take user money. Navigate to ransomware parasites.

Newest Ransomware

RaaS virus removal steps

July 30th, 2015. What is RaaS? Security experts wart about a newly released ransomware called RaaS, which seems to be the offspring of Tox . To be more precise, RaaS is an encryption tool or ransomware creation tool, which allows to design ransomwares in just a few steps. For that, cyber criminals have to... More...

Delete Police virus

July 24th, 2015. Police virus has been aggressively spreading around and actively infecting computer users since the end of 2011. If you have also been attacked by this dangerous infection, you will definitely know how malicious this virus is: it not only displays a large alert, which pretends to be from a... More...

Removal of FileCoder virus

July 16th, 2015. What is FileCoder? FileCoder (can also be found as Win32/Filecoder.EM, Win32/Filecoder.Q, Win32/Filecoder.AA, Win32/Filecoder.W) is a term, which has been used when discussing about malicious programs that are categorized as 'ransomwares'. If you can't open your photos and... More...


Total Ransomware parasites in our DB: 346

# | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

  • Smart HDD September 24th, 2013 | 2 Comments
    Smart HDD is a rogue optimization and defragmentation program. It reports false information about hard drive e...

  • 'Policijos Departamentas Prie Vidaus Reikalų Ministerijos' virus April 16th, 2014 | No Comments
    'Policijos Departamentas Prie Vidaus Reikalų Ministerijos' virus (also known as 'Policijos Departamentas Prie...

  • 'Stop Online Piracy Automatic Protection System' October 9th, 2012 | 1 Comments
    'Stop Online Piracy Automatic Protection System' is a forged message, which should be ignored because it has n...

  • 'You steal music I lock your PC' virus September 24th, 2013 | No Comments
    'You steal music I lock your PC' virus is a dangerous ransomware, which blocks down the system as soon as it i...

  • 'Your Computer is Inactive - System Cleaner is in Progress' October 16th, 2012 | No Comments
    'Your Computer is Inactive -System Cleaner is in Progress' is a fake alert that belongs to ransomware category...

  • ABOUT FILES! Ransomware June 19th, 2015 | No Comments
    What 'ABOUT FILES!'? 'ABOUT FILES!' is a serious notification that may show up on your computer's screen out ...

  • Abu Dhabi Police GHQ virus April 22nd, 2013 | 2 Comments
    Abu Dhabi Police GHQ virus is a dangerous ransomware threat, which should never be trusted and left on your co...

  • ACCDFISA Protection Program December 11th, 2012 | No Comments
    ACCDFISA Protection Program is a ransomware that locks your computer screen and pretends to encrypt your files...

  • AFP virus September 24th, 2013 | 2 Comments
    AFP virus is a ransomware infection, which can also be called as Australian Federal Police virus. If you have ...

  • Agencia Federal de Investigación virus September 24th, 2013 | No Comments
    Agencia Federal de Investigación virus (can also be called as Secretaría de Seguridad Púb...

  • Ai88 ransomware May 26th, 2015 | No Comments
    What is Ai88? Ai88 is a serious computer threat, which can be attributed to the 'ransomware' category. If you...

  • AKM virus September 24th, 2013 | No Comments
    AKM virus (also called as AKM Ihr Computer ist Gesperrt virus or Autoren Komponisten Musikverleger virus) ...

  • All activities of this computer have been recorded October 30th, 2013 | No Comments
    'All activities of this computer have been recorded' is a fake alert that should never be trusted. No matter t...

  • Alpha Crypt virus May 4th, 2015 | No Comments
    What is Alpha Crypt? Alpha Crypt is a serious virus, which should also be categorized as ransomware. Wha...

  • An Garda Siochana virus October 23rd, 2014 | 9 Comments
    ‘An Garda Siochana' is the latest variant of Police virus that pretends to be sent by Ireland&rsquo...

  • Anonymous Ukash Virus November 7th, 2012 | No Comments
    Anonymous Ukash Virus is a ransomware threat, which belongs to a huge group of viruses that all share identica...

  • ANSSI virus July 6th, 2013 | No Comments
    ANSSI virus is a dangerous ransomware that should be avoided. If you want to feel safe, you should always make...

  • Antivirus XP Hard Disk Repair v9 January 23rd, 2012 | 1 Comments
    Antivirus XP Hard Disk Repair v9 is a ransom Trojan that pretends to be legitimate antivirus software. It stat...

  • Archiveus May 7th, 2006 | No Comments
    Archiveus is a typical ransomware trojan that encrypts user documents in the My Documents folder, and protects...

  • Arestocrat virus September 24th, 2013 | No Comments
    Arestocrat virus is a dangerous ransomware, which attacks poorly protected computers and locks them down after...

1 | | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | NEXT


Several ransomware parasites are able to propagate themselves and infect the system without user knowledge. Others must be manually installed as any other software with or without user explicit consent. There are three major ways unsolicited parasites can get into the system.

1. Most ransomware parasites get installed by other threats like worms or trojans. They get into the system without user knowledge and consent and affect everyone who uses a compromised computer. Some threats can be manually installed by malicious computer users who have sufficient privileges for the software installation.

2. Many ransomware pests are distributed by e-mail and through file sharing networks. They arrive in files attached to e-mail messages, come embedded into letters or get downloaded using peer-to-peer applications. These risks have unsuspicious names, and therefore can trick a user into opening or executing them. Once the user opens such letter or file, the ransomware parasite silently installs itself to the system.

3. Some trojans that install ransomware parasites infect certain system and software files. The user may receive such files from trusted sources. Once such a file is executed, a trojan quietly installs itself to the system and drops a ransomware threat.

Ransomware affects mostly computers running Microsoft Windows operating system. Less prevalent threats are created to work on other popular platforms.


- Encrypts user sensitive documents, multimedia objects or any other files containing important information. Leaves only encrypted data, usually deleting the original files.
- Deletes user documents, multimedia objects or any other files containing important information.
- Corrupts the entire system or installed software by deleting essential system components or important parts of installed software.
- Steals login names, passwords, valuable personal documents, identity data and other user sensitive information.
- Sends all gathered data to a predefined e-mail address, uploads it to a predetermined FTP server or transfers it through a background Internet connection to a remote host.
- Freezes the system making it complete unusable.
- Discloses user identity or any other confidential information without user knowledge and consent.
- Rapidly terminates active antivirus, anti-spyware and security-related software processes, disables essential system services and prevents standard system tools from running.
- Degrades overall system performance, decreases system security and causes software instability. Some parasites are badly programmed, they waste too much computer resources and conflict with installed applications.
- Provides no uninstall feature, hides processes, files and other objects in order to complicate its removal as much as possible.
- Demands to pay the ransom.


Ransomware parasites are not widely spread threats and all have practically identical functionality. The following examples illustrate typical nuker behavior.

Ransom is a trojan that threatens to delete important files until the user pays the ransom. Once executed, the parasite installs itself to the system, displays some pornographic images and shows a message threatening to delete one file related to installed software or containing user sensitive information every 30 minutes, until the ransom ($10.99) is fully paid. The trojan explains what it does and demands to transfer the money to the hacker's account. After the user transfers the money, he or she receives a specific number, which allows to uninstall the parasite. Ransom is able to prevent its removal. It launches multiple processes and displays messages when the user tries to terminate the trojan.

Archiveus is a typical ransomware trojan that encrypts user documents in the My Documents folder, and protects encrypted files with a password. The parasite deletes original files and leaves only encrypted archives. If the user opens such an archive, Archiveus displays a message asking the user to enter the password, which can be obtained after paying the ransom by purchasing pharmacy online.


Typical ransomware parasites are very dangerous. Although they usually do not self-replicate and even inform the user about what they are doing, such threats can make all your vital information inaccessible, steal your valuable data and destroy the entire system, if you will not pay up.

Nevertheless, it is highly not recommended to pay ransomware makers for removing their parasites and restoring your information and the system. In most cases you will not receive any passwords, special codes or utilities for removing the infection and restoring your data. The attacker simply will not give them to you, as he has already got what he needed - your money.

Even if the attacker will help you to remove the parasite and restore your data, he still might have your information, which can be used for malicious purposes. This information could be retrieved with the help of installed ransomware pests.


In case of the ransomware infection, do not pay up immediately! Also do not believe in messages stating that the parasite, your system is infected with, is virtually impossible to get rid of, and encrypted, deleted or stolen data cannot be restored without the help from the ransomware author. Usually, such statements are deceptive. Ransomware makers use simple ways to make your data inaccessible. Most antivirus and anti-spyware companies successfully analyze ransomware and find working solutions to remove it and restore victim files, etc. Wait until security software companies will release the updates and then give your system a thorough scan. Most antiviruses and advanced anti-spyware programs will remove the infection, restore your system, your files and important information.

As it was said above, most ransomware parasites are usually trojans, and therefore can be found and removed with the help of effective antivirus products like Symantec Norton AntiVirus, Kaspersky Anti-Virus, Eset NOD32 Antivirus, McAfee VirusScan, eTrust EZ Antivirus, Panda Titanium Antivirus, AVG Anti-Virus. Some advanced spyware removers, which are able to scan the system in a similar way antivirus software does and have extensive parasite signature databases can also detect and remove ransomware and related malicious components. Powerful anti-spyware solutions such as SpyHunter, Spyware Doctor, Spy Sweeper, Ad-Aware SE or eTrust PestPatrol are known for quite fair trojan and ransomware detection and removal capabilities.

Additional resources related to Ransomware:

Attention: If you know or you have a website or page about Ransomware removal, feel free to add a link to this list: add url

more resources
Like us on Facebook
Recent Malware
Ask us
What's your antispyware?
Top rated software
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!