Ransomware is a type of malicious computer software that threatens the user to take some destructive or harmful actions. Ransomware demands the victim to pay up in order to stop it from running a payload or restore modified or stolen information. Typical parasites are usually trojans, malicious computer programs, which are disguised as harmless applications. Such pests get secretly installed to the system.

A typical payload of ransomware parasites is encrypting files containing important, vital data, deleting user sensitive information, corrupting the system or installed software, stealing confidential documents, user identity details, etc.

First of all, most ransomware parasites run a payload. Then they ask the user to pay the ransom in order to restore lost data or bring the system or installed software to its initial state. If the user pays up, he or she receives certain passwords, codes, special instructions or utilities that allow restoring the information or the system. In some cases, ransomware parasites make this automatically. However, one can never know whether the author of the parasite is actually going to remove the threat or just take user money. Navigate to ransomware parasites.

Newest Ransomware

Please complete a quick survey to continue removal instructions

March 24th, 2015. 'Please complete a quick survey to continue' is annoying message, which blocks the whole PC system and replaces computer's screen with the fake alert asking to complete a quick survey in order to remove it from the screen. However, you have to remove this ransomware from your computer in order... More...

Delete VirLock virus

March 24th, 2015. What is VirLock virus? VirLock virus is a serious ransomware, which acts just like Your Computer Was Automatically Blocked virus , Cryptowall virus ,  Cryptolocker , BitCrypt ,  Critroni ,  Cryptorbit , etc. As its name suggests, this virus can easily lock the entire PC... More...

Delete [email protected]

March 24th, 2015. What [email protected]? Despite the look of an email name, [email protected] is yet another ransomware that may force you to say goodbye for all the photos, documents, videos and other personal files that are placed on your computer. It seems to be a new version of Crypto-ransomware. Similarly to... More...


Total Ransomware parasites in our DB: 326

# | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

  • Smart HDD September 24th, 2013 | 2 Comments
    Smart HDD is a rogue optimization and defragmentation program. It reports false information about hard drive e...

  • 'Policijos Departamentas Prie Vidaus Reikalų Ministerijos' virus April 16th, 2014 | No Comments
    'Policijos Departamentas Prie Vidaus Reikalų Ministerijos' virus (also known as 'Policijos Departamentas Prie...

  • 'Stop Online Piracy Automatic Protection System' October 9th, 2012 | 1 Comments
    'Stop Online Piracy Automatic Protection System' is a forged message, which should be ignored because it has n...

  • 'You steal music I lock your PC' virus September 24th, 2013 | No Comments
    'You steal music I lock your PC' virus is a dangerous ransomware, which blocks down the system as soon as it i...

  • 'Your Computer is Inactive - System Cleaner is in Progress' October 16th, 2012 | No Comments
    'Your Computer is Inactive -System Cleaner is in Progress' is a fake alert that belongs to ransomware category...

  • Abu Dhabi Police GHQ virus April 22nd, 2013 | 2 Comments
    Abu Dhabi Police GHQ virus is a dangerous ransomware threat, which should never be trusted and left on your co...

  • ACCDFISA Protection Program December 11th, 2012 | No Comments
    ACCDFISA Protection Program is a ransomware that locks your computer screen and pretends to encrypt your files...

  • AFP virus September 24th, 2013 | 2 Comments
    AFP virus is a ransomware infection, which can also be called as Australian Federal Police virus. If you have ...

  • Agencia Federal de Investigación virus September 24th, 2013 | No Comments
    Agencia Federal de Investigación virus (can also be called as Secretaría de Seguridad Púb...

  • AKM virus September 24th, 2013 | No Comments
    AKM virus (also called as AKM Ihr Computer ist Gesperrt virus or Autoren Komponisten Musikverleger virus) ...

  • All activities of this computer have been recorded October 30th, 2013 | No Comments
    'All activities of this computer have been recorded' is a fake alert that should never be trusted. No matter t...

  • An Garda Siochana virus October 23rd, 2014 | 9 Comments
    ‘An Garda Siochana' is the latest variant of Police virus that pretends to be sent by Ireland&rsquo...

  • Anonymous Ukash Virus November 7th, 2012 | No Comments
    Anonymous Ukash Virus is a ransomware threat, which belongs to a huge group of viruses that all share identica...

  • ANSSI virus July 6th, 2013 | No Comments
    ANSSI virus is a dangerous ransomware that should be avoided. If you want to feel safe, you should always make...

  • Antivirus XP Hard Disk Repair v9 January 23rd, 2012 | 1 Comments
    Antivirus XP Hard Disk Repair v9 is a ransom Trojan that pretends to be legitimate antivirus software. It stat...

  • Archiveus May 7th, 2006 | No Comments
    Archiveus is a typical ransomware trojan that encrypts user documents in the My Documents folder, and protects...

  • Arestocrat virus September 24th, 2013 | No Comments
    Arestocrat virus is a dangerous ransomware, which attacks poorly protected computers and locks them down after...

  • Arma dei Carabinieri virus August 12th, 2013 | No Comments
    Arma dei Carabinieri virus is a dangerous ransomware, which can easily infiltrate those computers that belong ...

  • Association Canadienne des Policiers virus November 15th, 2012 | No Comments
    Association Canadienne des Policiers virus is a ransomware infection, which belongs to Ukash group of viruses....

  • Asterope Locker virus September 17th, 2014 | No Comments
    What is Asterope Locker virus? Asterope Locker virus is a dangerous ransomware, which is used for s...

1 | | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | NEXT


Several ransomware parasites are able to propagate themselves and infect the system without user knowledge. Others must be manually installed as any other software with or without user explicit consent. There are three major ways unsolicited parasites can get into the system.

1. Most ransomware parasites get installed by other threats like worms or trojans. They get into the system without user knowledge and consent and affect everyone who uses a compromised computer. Some threats can be manually installed by malicious computer users who have sufficient privileges for the software installation.

2. Many ransomware pests are distributed by e-mail and through file sharing networks. They arrive in files attached to e-mail messages, come embedded into letters or get downloaded using peer-to-peer applications. These risks have unsuspicious names, and therefore can trick a user into opening or executing them. Once the user opens such letter or file, the ransomware parasite silently installs itself to the system.

3. Some trojans that install ransomware parasites infect certain system and software files. The user may receive such files from trusted sources. Once such a file is executed, a trojan quietly installs itself to the system and drops a ransomware threat.

Ransomware affects mostly computers running Microsoft Windows operating system. Less prevalent threats are created to work on other popular platforms.


- Encrypts user sensitive documents, multimedia objects or any other files containing important information. Leaves only encrypted data, usually deleting the original files.
- Deletes user documents, multimedia objects or any other files containing important information.
- Corrupts the entire system or installed software by deleting essential system components or important parts of installed software.
- Steals login names, passwords, valuable personal documents, identity data and other user sensitive information.
- Sends all gathered data to a predefined e-mail address, uploads it to a predetermined FTP server or transfers it through a background Internet connection to a remote host.
- Freezes the system making it complete unusable.
- Discloses user identity or any other confidential information without user knowledge and consent.
- Rapidly terminates active antivirus, anti-spyware and security-related software processes, disables essential system services and prevents standard system tools from running.
- Degrades overall system performance, decreases system security and causes software instability. Some parasites are badly programmed, they waste too much computer resources and conflict with installed applications.
- Provides no uninstall feature, hides processes, files and other objects in order to complicate its removal as much as possible.
- Demands to pay the ransom.


Ransomware parasites are not widely spread threats and all have practically identical functionality. The following examples illustrate typical nuker behavior.

Ransom is a trojan that threatens to delete important files until the user pays the ransom. Once executed, the parasite installs itself to the system, displays some pornographic images and shows a message threatening to delete one file related to installed software or containing user sensitive information every 30 minutes, until the ransom ($10.99) is fully paid. The trojan explains what it does and demands to transfer the money to the hacker's account. After the user transfers the money, he or she receives a specific number, which allows to uninstall the parasite. Ransom is able to prevent its removal. It launches multiple processes and displays messages when the user tries to terminate the trojan.

Archiveus is a typical ransomware trojan that encrypts user documents in the My Documents folder, and protects encrypted files with a password. The parasite deletes original files and leaves only encrypted archives. If the user opens such an archive, Archiveus displays a message asking the user to enter the password, which can be obtained after paying the ransom by purchasing pharmacy online.


Typical ransomware parasites are very dangerous. Although they usually do not self-replicate and even inform the user about what they are doing, such threats can make all your vital information inaccessible, steal your valuable data and destroy the entire system, if you will not pay up.

Nevertheless, it is highly not recommended to pay ransomware makers for removing their parasites and restoring your information and the system. In most cases you will not receive any passwords, special codes or utilities for removing the infection and restoring your data. The attacker simply will not give them to you, as he has already got what he needed - your money.

Even if the attacker will help you to remove the parasite and restore your data, he still might have your information, which can be used for malicious purposes. This information could be retrieved with the help of installed ransomware pests.


In case of the ransomware infection, do not pay up immediately! Also do not believe in messages stating that the parasite, your system is infected with, is virtually impossible to get rid of, and encrypted, deleted or stolen data cannot be restored without the help from the ransomware author. Usually, such statements are deceptive. Ransomware makers use simple ways to make your data inaccessible. Most antivirus and anti-spyware companies successfully analyze ransomware and find working solutions to remove it and restore victim files, etc. Wait until security software companies will release the updates and then give your system a thorough scan. Most antiviruses and advanced anti-spyware programs will remove the infection, restore your system, your files and important information.

As it was said above, most ransomware parasites are usually trojans, and therefore can be found and removed with the help of effective antivirus products like Symantec Norton AntiVirus, Kaspersky Anti-Virus, Eset NOD32 Antivirus, McAfee VirusScan, eTrust EZ Antivirus, Panda Titanium Antivirus, AVG Anti-Virus. Some advanced spyware removers, which are able to scan the system in a similar way antivirus software does and have extensive parasite signature databases can also detect and remove ransomware and related malicious components. Powerful anti-spyware solutions such as SpyHunter, Spyware Doctor, Spy Sweeper, Ad-Aware SE or eTrust PestPatrol are known for quite fair trojan and ransomware detection and removal capabilities.

Additional resources related to Ransomware:

Attention: If you know or you have a website or page about Ransomware removal, feel free to add a link to this list: add url

more resources
Like us on Facebook
Recent Malware
Ask us
What's your antispyware?
Top rated software
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!