How to remove Horsia Ransomware and recover .horsia@airmail.cc files

Horsia is a cryptovirus that belongs to the group of Scarab Ransomware family. After infiltration, it starts to encrypt all sensitive files on victim’s computer and then demands a ransom. All found files are encrypted with AES-256 cipher getting .horsia@airmail.cc extension. For example, “mydoc.doc” will turn into “mydoc.doc.horsia@airmail.cc”. At the end of encryption procedure, the virus creates TXT file (“HOW TO RECOVER ENCRYPTED FILES.TXT”) placing it in each folder as well as replaces your desktop wallpaper with a new one.

Learn More

How to remove HPE iLO Ransomware and recover your files

HPE iLO is a new ransomware-type virus that encrypts data on server systems HPE iLO 4. Notably, the distribution method is very different from many similar viruses. To get into victims’ computers, cybercriminals exploit remote control system (HPE Integrated Lights-Out). After this, they mount malicious ISO image into computers, by opening which, the encryption process is activated.

Learn More

How to remove STOP Ransomware and recover .STOP, .SUSPENDED, .WAITING files

STOP is the name of the virus that encodes files on the infected computer thus making them unavailable for users. Combination of AES and RSA-1024 encryption algorithms are used for this purpose. During encryption, it appends STOP (or .SUSPENDED, .WAITING) extension to all infected files and creates TXT file (!!!YourDataRestore!!!.txt) that contains ransom-demanding message.

Learn More

How to remove Spartacus Ransomware and recover .Spartacus files

Spartacus is a cryptovirus that demands a ransom in exchange for your files. The malware spreads mostly via spam emails with attached SF.exe file and if you accidentally launch executable file, virus will start to infect your system. It scans your system to find more sensitive files like documents, photos, videos and so on. All sensitive files is encoded and gets .Spartacus or [MastersRecovery@protonmail.com].Spartacus extension, for instance, “mydoc.doc” will turn into “mydoc.doc.Spartacus”.

Learn More

How to remove Tron Ransomware and recover .tron files

Tron is a virus that instantly encrypts files once it gets on victim’s computer. Notably, the malware only targets computers outside Russia, suggesting that Tron is yet another offspring of Russian hackers. During the encryption procedure, each infected file gets .tron extension, for instance, “mydoc.doc” will turn into “mydoc.doc.tron”. Then, it displays a lock screen containing information about the amount of ransom.

Learn More

How to remove Java NotDharma Ransomware and recover .java files

Java NotDharma is a cryptovirus, the activity of which took place at the mid-April 2018. The malware got its name due to the similarity to infamous Dharma Ransomware, incidentally, many computer experts initially thought it’s just a new version of Dharma, however, this was not confirmed later. While encrypting, virus adds .java extension to all infected files. For example, “mydoc.doc” will turn into “mydoc.doc.java”.

Learn More