Helpdesk Challenge – how to spot and remove ransomware
Ransomware is a particularly distressing type of malware that creates a pop-up blocking all access to your machine unless you pay a fine for alleged illegal activities.
It’s designed to cause panic and alarm, locking your PC out of the blue, before demanding payment to make your system usable again. In short it’s old-fashioned extortion with a modern, digital twist.
Security software reviews – read our expert reviews of the best anti-virus protection.
How to spot a ransomware scam
Below is an example of a typical ransomware scam. The pop-up message appears on your PC, obscuring everything else and preventing you from using any programs. It accuses you of committing illegal online activity and orders you to pay a fine in order to use your computer again.
Hover over the red circles for explanations on how this scam works:
The software often claims to be from a local police authority or even the FBI. The message may have a veneer of authority, such as imagery of police logos, but there’s nothing official about it.
The scams often claim to have found evidence of illegal pornography on the computer, embarrassing targets into paying the stated fine.
In our example above, a huge catalogue of alleged crimes has been listed. However, in reality, no one who had committed any of these crimes would be let off with a fine paid online.
The ransomware message typically demands payment in the form of a voucher from a company such as Ukash, because these don’t leave a trace, unlike regular online bank transfers.
What you should do if your PC is infected with ransomware
You can avoid the scam as you would any malware, by keeping your security software up-to-date.
Whatever you do, never pay the ‘fine’, even if you can’t access your PC. You’ll be putting money into criminal pockets and the payment may not unlock your PC anyway.
If you’re PC does get infected it’s relatively easy to remove most common ransomware, though the methods to do so can vary from infection to infection.
Method 1: If you can still access most of your PC’s functions
1. MalwareBytes Anti-Malware Free is a good, free program that can remove CryptoLocker and similar Ukash ransomware scams. Microsoft’s Safety Scanner is another free alternative. Both can be used alongside your usual security software.
2. Simply download either anti-malware software by clicking on the above links, then follow the on-screen installation instructions.
3. Run a full scan of your PC. Check each of the tick-boxes alongside the detected infections. Next, click on Remove Selected to clear the infected files.
Method 2: If your PC is frozen or locked-up
1. Restart your computer and press the F8 key while the system is booting up. This will allow you to access your PC without using Windows. Use the arrow keys to choose the option Safe Mode with Command Prompt.
2. Using the text cursor that appears, type rstrui.exe and press the Enter key. This should start a Windows System Restore screen that lists saved points within Windows.
3. Choose a restore date from before you were infected, then restore your PC to this point. Download the MalwareBytes Anti-Malware Free software and follow the tips covered in Method 1 to scan and remove infections from your PC.
How to spot a fake virus alert – don’t be fooled by fake security pop-ups
Free or paid-for security software – which is best for protecting your PC?
Security software reviews – we round up the best antivirus security suites
Post a Comment
Your email is never published nor shared. Required fields are marked