Trojan.Ransom.HM
Posted: April 13, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Ranking: | 14,633 |
---|---|
Threat Level: | 5/10 |
Infected PCs: | 375 |
First Seen: | April 13, 2012 |
---|---|
Last Seen: | October 14, 2023 |
OS(es) Affected: | Windows |
Trojan.Ransom.HM is a ransomware Trojan that's distributed through the same channels that also distribute popular and illegal media files, such as torrent networks. Like many ransomware Trojans, Trojan.Ransom.HM will claim that all of your computer's files have been encrypted (encoded to make using them impossible) and insists that you pay a fee to unlock a decryption code to regain your music, documents, etc. Unlike most Trojans of its type, however, Trojan.Ransom.HM actually follows through on its encryption threat. However, SpywareRemove.com malware researchers strongly advise you to hold tight onto your money, since various PC security companies are already at work on cracking Trojan.Ransom.HM's simplistic encryption technique. Regardless of what happens to your files, anti-malware software should be used to remove Trojan.Ransom.HM and insure that your PC is disinfected with a bare minimum of long term damage.
Trojan.Ransom.HM: the Anti-Translator That Turns Your Files into Gibberish
While most ransomware Trojans are designed by hackers that aren't interested in the coding effort that's required to follow through on their accompanying threats, Trojan.Ransom.HM has a fully-functional payload that includes an encryption attack against commonly-used file types. Files that are affected by Trojan.Ransom.HM's attack include shortcuts, movies, music, text, .pdf and .html files. In addition to being made effectively unusable due to the encryption, Trojan.Ransom.HM-afflicted files will also display a pink icon and have the tag '.EnCiPhErEd' appended to their names. A pop-up by Trojan.Ransom.HM will explain the situation as well as encourage you to purchase a code that supposedly will reverse the encryption attack.
At the time of this writing, there isn't a freely-available decryption method for Trojan.Ransom.HM's attack. However, SpywareRemove.com malware research team advises patience over giving Trojan.Ransom.HM's hacker partners your money, since the encryption method is being analyzed by multiple PC security companies and is known to be relatively primitive and, thus, easily crackable. Trojan.Ransom.HM's pop-up message will also state that Trojan.Ransom.HM has caught your PC being used for illegal downloading activities, but it should be stressed that Trojan.Ransom.HM's message is an automated one that isn't indicative of actual crimes that your machine may or may not have been used to commit. A Trojan.Ransom.HM pop-up is identifiable by the following text:
How to Keep Your Program Files Free of the Pink of a Trojan.Ransom.HM Assault
Since even removing Trojan.Ransom.HM with appropriate anti-malware products will not reverse Trojan.Ransom.HM's file encryption, SpywareRemove.com malware experts noticed that using both good security software and basic safety practices you can avoid a Trojan.Ransom.HM infection in the first place. Trojan.Ransom.HM is known to be distributed throughout the same networks that also carry illegal media files (which Trojan.Ransom.HM conveniently accuses you of downloading) and is likely to be mislabeled or bundled with other applications.
Since Trojan.Ransom.HM is still a recent PC threat, keeping your anti-malware programs updated with respect to their threat databases is an important part of identifying Trojan.Ransom.HM before Trojan.Ransom.HM can install itself. SpywareRemove.com malware researchers endorse keeping your anti-malware products on a self-updating status whenever possible, since this will minimize the risk of a successful Trojan.Ransom.HM infection without any added trouble on your part.
Technical Details
Additional Information
# | Message |
---|---|
1 | 'Attention! All your files are encrypted! |
2 | During the day you receive the answer with the code. |
3 | To restore your files and access them, send code Ukash or Paysafecard nominal value of EUR 50 to the e-mail Koeserg@gmail.com. |
4 | You are using unlicensed programms! |
5 | You have 5 attempts to enter the code. If you exceed this date all data is irretrievably spoiled. Be careful when you enter the code!' |
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.