Troj/Ransom-HC
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 90 % (High) |
| Infected Computers: | 25 |
| First Seen: | July 5, 2012 |
| Last Seen: | April 26, 2022 |
| OS(es) Affected: | Windows |
Troj/Ransom-HC is a ransomware infection that will demand an exorbitant ransom of three thousand Euros! Basically, Troj/Ransom-HC will claim that the victim's computer's contents were encrypted and will give the victim 96 hours to unlock the infected system. Troj/Ransom-HC displays a message telling the victim to send an ID number to one of two email addresses on Live or Gmail. If the ransom is not paid, the Troj/Ransom-HC message claims that it will contact law enforcement in order to report supposed child pornography data on the infected computer system. The Troj/Ransom-HC message is written with poor grammar and spelling, betraying the fact that Troj/Ransom-HC has no way of being associated with a real law enforcement agency.
First detected in July of 2012, the Troj/Ransom-HC ransomware infection quickly gained the attention of PC security researchers due to the outrageous scope of its demands – most ransomware infections will demand payment of a couple hundred of dollars at the most, so a three thousand Euro ransom is nearly unheard of. Detected as Troj/Ransom-HC, it belongs to a category of malware that blocks access to the infected computer system and displays a harassing, threatening message demanding the payment of a ransom. Inexperienced computer users, who are less likely to have a back up for their data, can become extremely alarmed at the appearance of this threatening message, and may give in to this scam. Even if computer users do not fall for Troj/Ransom-HC's claims of contacting the police, the loss of essential files can be enough of an incentive for paying the required three thousand Euros.
Troj/Ransom-HC uses the following threatening message in broken English:
Your files has been descryptes using 256-bit Advanced Encryption Standart. To decrypt your files send us email with your ID to our special email: [REDACTED] or [REDACTED]
Because your computer has been hacked or someone spamming from your computer. You must pay a penalty within 96 hours otherwise we will send report to the Police with special password to decrypt some files wich contains spam software and child pornography files. (this special password is only for this files, not for all your files. Password for all your files we will send you only after payment). If first 48 hours will be ended you must pay 3000 Euro.
Enter password for the encrypted file: ______________
Do Not Become a Victim of Troj/Ransom-HC
ESG security researchers strongly advise against paying Troj/Ransom-HC's ransom. There are simply no guarantees that paying the three thousand Euro will do anything to remove this malicious ransomware message or that the criminals behind this threat will not raise the ransom again. The fact that Troj/Ransom-HC also has absolutely no connection to law enforcement means that there is no deadline for removing this threat. Instead, ESG malware researchers recommend using a reliable anti-malware program to scan your computer system, starting Windows up from an independent source such as an external drive or shared network drive.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.