Ransomware advice

Ransomware is a virus or other unwanted software that locks your entire computer.  When you have ransomware you can’t do anything including removing the ransomware or recovering your data.  I make a distinction between this type of program and cryptoviruses (even when the cryptovirus demands a ransom), as the approach to removing them differs.

What can you do about ransomware?

If your computer is locked out there are several things you can still do, even if you can’t use the computer normally.  Each of these should be tried, as each will lead to solutions, but most ransomware will prevent some of these.

  1. First, boot in safe mode.  If you can boot is safe mode you may have several options:
    1. You will probably be able to run an antivirus program, but sometimes even in safe mode the virus will obstruct your security software;
    2. You may be able to uninstall the problem program from the programs list in the control panel, but they don’t always appear in this list;
    3. You may be able to backup your data, which you should do, if you can, as soon as you have started the virus scan.
  2. The next option is to boot into system restore.  You can then restore windows to the state it was in before your system was hijacked.
  3. If nothing else works, in most cases you can remove the hard drive, install it as a second drive or external on something else, and recover your data and scan the drive for viruses.  You may need technical help for this.
  4. The last option is always a return to factory settings, if your system supports this, or a full reinstall off Windows.  Reinstalling Windows may seem frightening, but the upside is that it takes a finite amount of time.  It is very important that you have a backup of your data as a clean install of Windows and restoration of factory settings should both be considered destructive processes.

Ransomware prevention

As with any viruses, you are better of avoiding ransomware than cleaning it up later.  The normal safety precautions all apply.

  1. Install good security software.  We recommend Emsisoft.
  2. Don’t run a program if you don’t know the author of the program.

Should I pay the ransom?

No.  It should never be necessary to pay the ransom.  There are many reports of people paying the ransom and regaining control of their computers, but there are at least as many reports of ransomers not returning control.  It should be obvious that you would be dealing with criminals, and criminal behaviour should not be encouraged.  If you are thinking of paying then ask yourself how you can guarantee that you are dealing with conscientious criminals.

Can we help?

Yes.  We have helped a number of people regain control of their computers.  We can always attend this type of problem urgently.  Contact a computer technician for more information.