We’ve all heard about it at this point, you open an email, and all of a sudden it seems, your important documents and files get hijacked, encrypted and unable to be opened. Ransomware is no joke, if you’re a victim of it, your options of getting your files back are very limited. You actually only really have three options (and only one for the really serious kinds), pay up, recover from a backup (you are backing up, aren’t you! 🙂 ) or find a decrypting tool.
How can you tell if you’ve been a victim of ransomware?
Easy, if you have documents/photos/any file really, that for some reason has an additional extension, (ie. example.doc.encrypted), and you have a notepad file on your desktop, you’ve been a victim of ransomware. If you open that notepad, it’ll probably tell you where you can transfer your bitcoin currency, the amount of time you have to do so, and what they’ll do if you don’t comply. But don’t stress out yet! Actually, if you see the ransomware is called “Locky”, you might want to stress a little, this one can’t be unlocked yet.
Good question! First, you’re going to want a non-encrypted copy of a file you have. If you all your stuff is encrypted, there’s something you can do. You know those sample pictures that come in your “My Pictures” folder? Well, those are probably encrypted. But the good thing is that you can just open another Windows machine that has the same version (Windows 10, 7, etc) since they all use the same sample pictures.
Next, you’re going to want to go to this website.https://id-ransomware.malwarehunterteam.com/
You’ll upload the ransomware letter, a file that’s been encrypted, and then a copy of the same file that hasn’t been encrypted (this is where the sample pictures come in handy). The site will scan to see what version of ransomware has been attacking your computer, then send you to the decrypting tool if it’s available.
You’ll run the tool, then that’s it!
Be very cautious of what emails you open. One of the most popular ways of putting ransomware on a computer is sending an email disguised as a FedEx or UPS email saying that you need to download a file or follow a link to check the tracking info of a package you don’t remember ordering. When reading anything suspicious that asks you to follow a link or download a file, don’t. Just be careful of what you download and what links you follow and you should be in the clear from ransomware.
As always, if you need help with this kind of stuff… we’d be more than happy to help with this issue or any others you’re having. Just call us and we’ll schedule an in-person visit, a shop dropoff time or a remote session if you’d like!
We’ll elaborate further on how to avoid ransomware in a future article.
San diego Computer Help