Ransom:Win32/Dircrypt.C
Windows Defender detects and removes this threat.
The threat might get into your PC through spam emails or by being downloaded by other malware.
It encrypts your files and holds them for ransom; it demands that you pay to get access to your files back. It might display a message that looks like this:
It can also lower your PC's security by changing certain settings.
Read more about threats like this in our ransomware page.
Ransom:MSIL/Tarocrypt.B
Windows Defender detects and removes this threat.
This threat is a member of the Ransom: MSIL/Tarocrypt family.
This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker.
Our ransomware page has more information on this type of threat.
Ransom:Win32/Genasom.GC
Microsoft Defender Antivirus detects and removes this threat.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine to unlock your PC.
You can read more on our ransomware page.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Genasom.OPY
Microsoft Defender Antivirus detects and removes this threat.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine to unlock your PC.
You can read more on our ransomware page.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Genasom.JV
Microsoft Defender Antivirus detects and removes this threat.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine to unlock your PC.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Ergop.A
Microsoft Defender Antivirus detects and removes this threat.
This ransomware can stop you from using your PC or accessing your data.
It encrypts files and uses .707, .725, .726, .astra, .crypt, .ocean, or .txt as file name extension for encrypted files. It leaves a ransom note with the file name how_open_files.hta, RECOVER-FILES.html, or !back_files!.html.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Genasom
Microsoft Defender Antivirus detects and removes this threat.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine to unlock your PC.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Reveton.N
Microsoft Defender Antivirus detects and removes this threat.
Ransom:Win32/Reveton.N is ransomware that demands a fine for the supposed possession of illicit material or unauthorized online activities. It displays a full screen image, localized according to your location, with payment instructions. Read more about ransomware on our Ransomware page.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Nobig
Microsoft Defender Antivirus detects and removes this threat.
This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker to restore your files.
This ransomware is distributed though spam emails with malicious document attachments.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. Trends show that Windows 7 devices are more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Ransom:Win32/Trasbind.A
Microsoft security software detects and removes this threat.
This trojan stops you from using your PC by showing an alert message screen. This screen can include adult content and might ask you to pay a "fine" or fee to unlock your PC.
This threat also replaces important Windows system files with copies of itself.
Due to the damage this threat can do to your PC, you might need to reinstall some files from a Windows installation disc, or a backup source.
Windows 10 protects you from ransomware. Read more:
Windows 10 Creators Update provides next-gen ransomware protection
Ransom:Win32/Adslock.A
Windows Defender detects and removes this threat.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine to unlock your PC.
Windows 10 protects you from ransomware. Read more:
Windows 10 Creators Update provides next-gen ransomware protection
You can read more about this type of threat on our ransomware page.
Ransom:Win32/Rokku.A
Windows Defender detects and removes this threat.
This ransomware can stop you from using your PC or accessing your data. It might ask you to pay money to a malicious hacker. It can also be downloaded by other malware like JS/Nemucod as its payload.
Windows 10 protects you from ransomware. Read more:
Windows 10 Creators Update provides next-gen ransomware protection
Our ransomware page has more information on this type of threat.
Ransom:Win32/Pagongcrypt
Windows Defender detects and removes this threat.
The threat renames and encrypts some files on your PC. It might ask you to pay money to a malicious hacker.
Our ransomware FAQ page has more information on this type of threat.
Read our latest report: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.
Ransom:Win32/Teerac.E
Windows Defender detects and removes this threat.
This ransomware malware encrypts your files and shows you a webpage that asks you to pay a fee to unlock them.
It can be installed on your PC by other malware, such as TrojanDownloader:O97M/Donoff, or when you open a spam email attachment.
There is more information available in the Win32/Teerac family description.
Our ransomware FAQ page has more information on this type of threat.
Read our latest comprehensive ransomware report:
Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene
Ransom:MSIL/Zuquitache.A
Windows Defender detects and removes this threat.
This ransomware can encrypt the files on your PC so that you can't access them. Threats in this ransomware family can be installed from Trojan:BAT/Zuquitache.
Our ransomware page has more information on this type of threat.