Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their systems, or to get their data back. Some ransomware encrypts files (called Cryptolocker). Other ransomware use TOR to hide C&C communications (called CTB Locker).
Users infected by ransomware should do the following:
- Disable System Restore.
- Run your anti-malware to scan and remove ransomware-related files.
Note that some ransomware requires extra removal steps such as deleting ransomware files in Windows Recovery Console. Be sure to follow all required steps to completely remove the specific ransomware your computer has.
To prevent ransomware infections, keep these things in mind:
- Backup your files regularly.
- Apply software patches as soon as they become available. Some ransomware arrive via vulnerability exploits.
- Bookmark trusted websites and access these websites via bookmarks.
- Download email attachments only from trusted sources.
- Scan your system regularly with anti-malware.
To combat ransomware in your home and home office PCs, try the following products:
- Trend Micro Titanium Internet Security
- Malwarebytes Lifetime license Premium
- McAfee Antivirus Plus 2015 -1-Year / 1-PC
- Emsisoft Anti-Malware
Trend Micro Protection
Trend Micro™ Smart Protection Network™ offers protection for users by blocking this threat from possible points of infection. Specifically, it prevents access to malicious websites hosting ransomware variants, and blocks IP addresses and C&C servers that ransomware variants access. It also blocks spam and email messages verified to carry ransomware disguised as attached files. Most importantly, it detects and deletes ransomware variants if found in the system.