Microsoft Defender Antivirus detects and removes this threat. This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to malicious hacker.

We have seen this threat distributed by exploit kits (Neutrino, Axpergle, and Exploit:Win32/CVE-2016-0034), and through URLs embedded in spam emails that points to malicious macro downloaders.

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Windows Defender detects and removes this threat.

The threat renames and encrypts some files on your PC. It might ask you to pay money to a malicious hacker.

Our ransomware FAQ page has more information on this type of threat.

Read our latest report: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.

Microsoft Defender Antivirus detects and removes this threat. 

This ransomware can stop you from using your PC or accessing your data. It encrypts target files and adds the file name extension .kk. 

After encrypting files, it leaves a ransom note, which contains instructions to pay a "ransom" in the form of Bitcoins. It then runs a batch file to delete itself from the computer.

This ransomware may be downloaded from the web by Trojan downloaders, such as TrojanDownloader:JS/Telicodeq.A.

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Windows Defender AV detects and removes this threat.

This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker.

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

It is distributed as a spam file attachment that tries to trick you into downloading and opening it.

You can read more on our ransomware page.

Windows Defender detects and removes this threat.

This threat shows a full-screen message preventing you from accessing your desktop. The message tells you to pay a ransom to regain access to your PC. This type of threat is called ransomware.

It can be installed by other malware, such as Backdoor:Win32/Bedep.

You can read more about this type of malware our ransomware page.

Find out ways that malware can get on your PC.  

Windows Defender detects and removes this threat.

This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker.

See the Win32/Tescrypt ransomware family description for more information.

As of April 2015, we have observed an increase in Tescrypt activity as it gets dropped by a few exploit kits such as Exploit:SWF/Axpergle (Angler), Exploit:JS/Neclu (Nuclear), JS/Fiexp (Fiesta), and JS/Anogre (Sweet Orange).

Our ransomware page has more information on this type of threat.

Windows Defender detects and removes this threat.

This ransomware locks your PC and shows a full-screen message, commonly called a "lock screen".

It tries to convince you to pay a fine by claiming your PC has been used for illegal activities without your knowledge. The message is a fraud.

This threat is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.