With nasty malware like Locky making the rounds—encrypting its victims’ files, and then refusing to unlock them unless you pay up—ransomware is a serious headache. But not all ransomware is so difficult. Did you know, In 2016 alone, ransomware payouts are closing in on the billion-dollar mark, with a whopping 70% of companies reporting that they paid to have their maliciously-encrypted data liberated after being hit.
If you’re not totally confident with what ransomware is, stop right here and check out this post!
According to CSO online, you can remove many ransomware viruses without losing your files, but with some variants that isn’t the case. Previously discussed are some general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.
The simplest type of ransomware, aka scareware, consists of bogus antivirus or clean-up tools that claim they’ve detected umpteen issues, and demand that you pay in order to fix them. Some specimens of this variety of ransomware may allow you to use your PC but bombard you with alerts and pop-ups, while others might prevent you from running any programs at all. Typically these invaders are the easiest type of ransomware to remove.
Encrypting malware—such as Locky—is the worst variant, because it encrypts and locks your personal files until you pay up. But even if you haven’t backed up your files, you may have a chance to recover your data.
Before you can free your hostage PC, you have to eliminate the hostage taker.
If you have the simplest kind of ransomware, such as a fake antivirus program or a bogus clean-up tool, you can usually remove it by following the steps using this malware removal guide. This procedure includes entering Windows’ Safe Mode and running an on-demand virus scanner such as Malwarebytes.
If the ransomware prevents you from entering Windows or running programs, as lock-screen viruses typically do, you can try to use System Restore to roll Windows back in time. Doing so doesn’t affect your personal files, but it does return system files and programs to the state they were in at a certain time. The System Restore feature must be enabled beforehand; Windows enables it by default.
For an in-depth removal breakdown, head over to CSO here.
Avoiding ransomware is much the same as avoiding other types of other malware.
Always run a good antivirus utility and keep Windows and browser-related components (Java, Adobe, and the like) updated. Keep your browser clean of junk toolbars and add-ons to prevent adware invasions that could lead to malware infections. Always, always be wary of unexpected email attachments and spam.
And just to beat this dead horse one more time: Always have a good backup system in place, just in case your PC does become infected and you can’t recover your files. Yes, it’s that important.
Here are some additional cyber security tips from the pros, follow these to improve your security posture!