Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
561 entries found. Displaying page 1 of 29.
Updated on Apr 23, 2009
Trojan:Win32/Procesemes.A.dll is a BHO (Browser Helper Object) that blocks the user from browsing any site until the user sends an SMS message to a predefined toll number. It is dropped in the system by Trojan:Win32/Procesemes.A.
Alert level: severe
Updated on May 01, 2009
Trojan:Win32/SMSer.A is a trojan that locks an affected user's computer. It then requests that the affected user send a text message to a premium-charge number in order to unlock the computer.
Alert level: severe
Updated on Nov 15, 2009

Windows Defender detects and removes this threat.

This threat stops you from opening files and displays a message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine to unlock your PC.

You can read more on our ransomware page.

Alert level: severe
Updated on Nov 09, 2009
Trojan:Win32/Ramtopt.A is a trojan that encrypts files on the local computer.
Alert level: severe
Updated on Oct 23, 2013
Trojan:Win32/Hwolren.A is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.
Alert level: severe
Updated on May 12, 2017

Windows Defender AV detects and removes this threat.

This ransomware can stop you from using your PC or accessing your data. Unlike other ransomware, however, this threat has worm capabilities. It uses an exploit code for a patched SMB vulnerability, CVE-2017-0145. This vulnerability was fixed in security bulletin MS17-010, which was released on March 14, 2017. We remind all customers to keep computers up-to-date.

The exploit code used by this threat to spread to other computers was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems. The exploit does not affect Windows 10 PCs.

For more information about this ransomware (which is also known as WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, or WCRY), you can read the following entries on the Windows Security blog and Microsoft Security Response Center:

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Aug 24, 2010

Microsoft Defender Antivirus detects and removes this threat.

This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine to unlock your PC.

You can read more on our ransomware page.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Nov 23, 2010

Microsoft Defender Antivirus detects and removes this threat.

This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine to unlock your PC.

You can read more on our ransomware page.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Nov 23, 2010

Microsoft Defender Antivirus detects and removes this threat.

This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine to unlock your PC.

You can read more on our ransomware page.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Feb 02, 2011

Microsoft Defender Antivirus detects and removes this threat.

This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine or texting a premium-charge phone number to unlock your PC.

You can read more on our ransomware page.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Jun 10, 2011

Microsoft Defender Antivirus detects and removes this threat.

This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine or texting a premium-charge phone number to unlock your PC.

You can read more on our ransomware page.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Aug 29, 2011

Microsoft Defender Antivirus detects and removes this threat.

This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine to unlock your PC.

You can read more on our ransomware page.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Nov 16, 2011

Microsoft Defender Antivirus detects and removes this threat.

This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine to unlock your PC.

You can read more on our ransomware page.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on May 02, 2012

Microsoft Defender Antivirus detects and removes this threat.

This threat stops you from loading Windows or documents and displays a message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

It tries to scare you into paying a fine to unlock your PC.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on May 04, 2009
Trojan:Win32/SMSer.B is a trojan that locks an affected user's computer. It then requests that the affected user send a text message to a premium-charge number in order to receive a code that they can then use to unlock the computer.
Alert level: severe
Updated on Jan 20, 2011
Trojan:Win32/Bamital.I is a trojan that may redirect user search requests to other sites. It also disables System Restore.
Alert level: severe
Updated on Feb 04, 2011
Trojan:Win32/Calelk.A is a trojan that gains control of the infected computer by locking the screen and preventing the user from using the computer. It then prompts the user to send an SMS to a premium number. Some variants may display adult images.
Alert level: severe
Updated on Dec 13, 2011
Trojan:Win32/Stoberox.A is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.
Alert level: severe
Updated on Feb 29, 2012
Trojan:Win32/Ransirac.A is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.
Alert level: severe
Updated on Mar 28, 2012
Worm:Win32/Cridex.D is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Commonly, worms may spread directly by copying themselves to removable or network drives, or by attempting to exploit particular vulnerabilities on targeted computers. Worms also often attempt to spread via platforms that require user interaction in order to run. They may send themselves as an attachment to an email or an instant message, or send a link to a copy of themselves in the body of a message. In these cases the message needs to be convincing enough to encourage the victim to click on the link or attachment and run or download a copy of the worm.
Alert level: severe