Ransom:Win32/Critroni
Ransom:JS/Brolo.A
Microsoft security software detects and removes this family of threats.
This ransomware family can lock your web browser by showing you a message that asks you to pay a fine. The message can pretend to be from a law enforcement agency and tells you to pay money to unlock your browser.
They can also stop you from closing your web browser, using the address bar, or pressing any shortcut keys.
You can be infected with this threat when you visit or are redirected to a malicious website.
See the Ransom:JS/Brolo family description for more information.
Ransom:Win32/Ascrirac.A
Windows Defender detects and removes this threat.
This threat encrypts your files and displays a webpage that asks you to pay a fee to unlock them.
It tries to scare you into paying a fine to unlock your PC.
You can read more on our ransomware page.
Ransom:Win32/Genasom.BG
Microsoft Defender Antivirus detects and removes this threat.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine or texting a premium-charge phone number to unlock your PC.
You can read more on our ransomware page.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Genasom.BQ
Microsoft Defender Antivirus detects and removes this threat.
This threat stops you from opening your files and displays a message, commonly called a "lock screen".
It tries to scare you into paying a fine to unlock your PC.
You can read more on our ransomware page.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Genasom.EI
Microsoft Defender Antivirus detects and removes this threat.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine to unlock your PC.
You can read more on our ransomware page.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Genasom.KD
Microsoft Defender Antivirus detects and removes this threat.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine to unlock your PC.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/SyncCrypt.A
Microsoft Defender Antivirus detects and removes this threat.
This ransomware can stop you from using your PC or accessing your data. It encrypts target files and adds the file name extension .kk.
After encrypting files, it leaves a ransom note, which contains instructions to pay a "ransom" in the form of Bitcoins. It then runs a batch file to delete itself from the computer.
This ransomware may be downloaded from the web by Trojan downloaders, such as TrojanDownloader:JS/Telicodeq.A.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Dereilock.A
Windows Defender AV detects and removes this threat.
This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Reveton
Microsoft Defender Antivirus detects and removes this threat.
This threat locks your PC and displays a full-screen message, commonly called a "lock screen".
It pretends to be from the FBI or a national police force and tries to scare you into paying a fine to unlock your PC.
Typically, this threat gets on your PC when you visit a hacked webpage.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:JS/Krypterade.A
Windows Defender detects and removes this threat.
This ransomware locks your PC and shows a full-screen message, commonly called a "lock screen".
It tries to convince you to pay a fine by claiming your PC has been used for illegal activities without your knowledge. The message is a fraud.
Ransom:Win32/Tescrypt
Windows Defender detects and removes this threat.
This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker.
See the Win32/Tescrypt ransomware family description for more information.
As of April 2015, we have observed an increase in Tescrypt activity as it gets dropped by a few exploit kits such as Exploit:SWF/Axpergle (Angler), Exploit:JS/Neclu (Nuclear), JS/Fiexp (Fiesta), and JS/Anogre (Sweet Orange).
Our ransomware page has more information on this type of threat.
Ransom:Win32/Tescrypt.R
Windows Defender detects and removes this threat.
This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker.
Our ransomware page has more information on this type of threat.