Ransomware is perhaps one of the most dangerous forms of malware out there - ransomware locks down your computer in some way, often they encrypt your files, they then ask for you to pay a price to gain access to whatever was locked. An example of ransomware can be found here.
Preventing your computer from getting Ransomware:
The first things you need to ensure to help protect your computer are listed below - along with instructions on how to do them.
Please note that the following information generally applies to Windows 7 and newer operating systems
Ensure you have an up-to-date antivirus software installed on your computer. (If you're running Windows 8 or above, Windows Defender is a full antivirus program that comes preinstalled. It should show up under all apps, alternatively you can search for it in Start. If you have Windows 7, Microsoft provides a free antivirus called Microsoft Security Essentials as it comes with a version Windows Defender that is not a full antivirus and will not protect against all malware. If you would like to see other antivirus, Microsoft provides a list here.)
Make sure your computer's operating system is up-to-date. (In Windows 10, you can check for updates in the Settings app, in Windows 8, you can use PC Settings or Control Panel and in older versions of Windows, you can use Control Panel. If you have troubles, you can find the Windows Update troubleshooter in Control Panel\System and Security\Security and Maintenance\Troubleshooting and Settings > Update and security > Troubleshoot in the Windows 10 Creators Update)
Backup your files (We recommend using Microsoft OneDrive as it is a free and easy to use cloud storage provider plus it also has versioning features that allow you to restore files to previous versions, you can also use other cloud storage services. Alternatively, you can use the backup options in Settings and Control Panel to an external drive, just make sure you disconnect the drive as if your computer can access it and is infected, the data on the drive will be affected as well!
Enable extra protection features, such as Windows SmartScreen, SmartScreen scans content to ensure it is safe (This is on and can be configured for Windows 8 and 10 in Control Panel\System and Security\Security and Maintenance or in Windows Defender Security Centre in Windows 10 Creators update. On lower Windows versions, it can be only be enabled for and can be configured in Internet Explorer)
Enable Firewall. (Windows Firewall is on by default in Windows, you can find Firewall settings in Control Panel\System and Security\Windows Firewall and in Windows Defender Security Centre in Windows 10 Creators Update)
Ensure you have a junk filter enabled for your email provider and/or email client software. (You should check junk and spam options in your email provider's website's settings and/or your email client software's settings)
Be careful of what you download, what websites you visit, what emails you open, etc. (Remember, if it's too good to be true, it is too good to be true!)
Following these steps should have make your computer more safe & secure!
If you've been infected:
Firstly, you should disconnect the infected machine from the network to prevent it from spreading to more computers.
Secondly, we don't advise paying the ransom as it is a lot of money and there is a high chance they won't even bother to decrypt your files. You also need to accept that you cannot decrypt your files without the key, so if you do not have a backup and really want to get your files back, you can try paying the ransom.
If you do have a backup of your files, you're in luck. But STAY AWAY from it until the ransomware is REMOVED from EVERY computer connected to your network, otherwise, your backup will be encrypted by the ransomware. You might also be in luck if you use cloud syncing services, such as OneDrive or Google Drive, but before you continue CLOSE the syncing software or PAUSE syncing so that the infected files do not sync. If some or all infected files sync, something you can try is see if the cloud provider has any options for restoring previous versions of files, for example, in OneDrive, you might be able to restore a previous version of a file by right clicking ot tapping and holding on the file and selecting the 'Version history' option.
In order to remove the ransomware from a computer, you should perform a full scan with your antivirus program (If you have Windows 8 or 10 and haven't installed an antivirus product, open up Windows Defender/Windows Defender Security Centre, it is a pre installed full antivirus software, you can find it in all apps or by searching in start. If you have Windows 7, download Microsoft Security Essentials, a free antivirus software from Microsoft here. For older Windows versions or if you don't like Microsoft Security Essentials or Windows Defender, check out this list of reputable antivirus products here. Before you start the scan, make sure to update the antivirus software and definitions. In Windows Defender and Microsoft Security Essentials, this can be done via the update tab, as shown below:
For Windows Defender Security Centre (Introduced in the Windows 10 Creators Update), it can be done via Virus & threat protection > Protection updates
After you've updated, perform a full scan via the Home tab in Windows Defender and Microsoft Security Essentials:
Or via Virus & threat protection > Advanced Scan in Windows Defender Security Centre:
Only once the virus is removed should you attempt to restore a backup or resume syncing files, this is so that the backup or synced files don't get encrypted as well.
If you need further assistance, tell us in the comments or contact us.