contador Saltar al contenido

Ransomware: what they are, how to remove them and defend themselves

In recent years it has spread more and more new threat, due to a latest generation malware, which does not cause damage to the affected PC, but creates enormous inconveniences, as it encrypts your personal files, making them incomprehensible and unusable, attacking above all important files for the user and normalizing everything only upon request for payment of a ransom. The name of this threat ransomware, one of the most dangerous malware out there, capable of panicking even the most computer savvy. In this article we will see what are ransomware, how they spread and what to do for remove them without paying avoiding future infections.

Here is a quick index of our article:

What are ransomware

THE ransomware they are particular malware with characteristics similar to trojans and worms (as they spread) whose only purpose is to blackmail the PC owner as messages like:

Do you want to use your favorite programs again? Do you want to access those important files on your hard drive again? You will have to pay (or at least what the bad guys hope) via PayPal or other forms of payment (Bitcoins and other cryptocurrencies are in great demand, due to the difficulty with which it is possible to trace the owner of the virtual wallets).

ransomware_screen "width =" 565 "height =" 417 "srcset =" https://www.webnextconf.eu/wp-content/uploads/2019/12/Ransomware-what-they-are-how-to-remove-them-and-defend.jpg 565w, https://www.giardiniblog.it/ wp-content / uploads / 2018/05 /reen_ransomware-300x221.jpg 300w, https://www.giardiniblog.it/wp-content/uploads/2018/05/schermata_ransomware-80x60.jpg 80w "data-lazy-sizes = "(max-width: 565px) 100vw, 565px" /></p>
<p>In many cases these screens are shown with various shades of color and especially with ever-changing messages, often customized according to the country where the PC is located: it is not uncommon to find ransomware with messages about the Postal Police, Guardia di Finanza or other forces of the order, with the intent to scare the user as much as possible and induce him to pay.</p>
<p>In the meantime, the paralyzed PC, you cannot use any program, you can only brutally turn it off from the power button. If you do not act in time to solve the threat, the ransomware cripter increasingly files, making it impossible to recover them without intervening properly.</p>
<h3 id=How ransomware spreads

Pecking a particularly "easy" ransomware, that's why they are among the most widespread threats among modern PCs. The methods by which this type of threat spreads are the following:

  • Advertising messages: the most common method for ransowmare; some banners or pop-up pages can carry the infection as soon as they are shown, therefore it is not necessary even to click to infect the PC (for example, open a video and you will find your PC blocked immediately);
  • phishing: the second vehicle of infection is certainly phishing via email, where you are invited to visit an infected page for any reason, (often banking or postal problems) by infecting the PCs as soon as the page loading has been completed;
  • Via other network PCs: some ransomware have worm characteristics, therefore they spread rapidly through the internal LAN, among all the PCs that show the same vulnerability (as in the case of WannaCry, which exploited a Windows vulnerability to spread quickly);
  • Crack and modified software: one of the most "ancient" methods and still widely used to spread malware integrating them into crack, keygen and modified premium programs. The infection in this case is the direct consequence of turning to computer piracy to obtain legally purchasable programs.

The dangers of a ransomware

The dangers of ransomware are numerous, given how this type of malware works. First of all, you risk lose imported documents saved on your PC, until the payment of the ransom or the unlocking of the files through the dedicated tools; then not said that paying solves the problem, because the bad guys hardly respect the agreements freeing the PC from the threat (they can do it, as they can't do it), so you risk losing money and data!

Then let's not forget that since it is malware, it could always hide inside the PC, make us believe that it disappeared and then come back again to look for money and to make us waste a lot of time. As a last threat it should be remembered that some ransomware encrypt files with advanced algorithms, not yet violated by cyber security houses: if the files are encrypted with these methods, you may lose the file or files forever without recovery possibility.

With a ransomware you don't mess around, in these cases it is preferable to really avoid them rather than being in front of them. Below you can find some of the most popular ransomware that have hit PCs in recent years:

  • Cryptokluchen
  • Lortok
  • Democry
  • Bitman (TeslaCrypt)
  • Chimera
  • Crysis
  • WannaCry
  • CoinVault
  • Bitcryptor
  • Wildfire
  • Shade
  • Xorist

How to avoid ransomware infections

To avoid ransomware infections you can follow simple tips, applicable on any PC.

Enable Defender's anti-ransomware protection

Windows Defender integrated on Windows 10 allows you to protect some folders from the action of ransomware, so that we can protect ourselves in case of encryption. To activate this protection, simply open the Windows Defender Security Center from the Start menu and go to the menu Virus and threat protection -> Ransomware protectionand enable the voice Controlled access to folders.

Controlled folder access

IObit Malware Fighter 6

The first software instead that I recommend to use to prevent threats from ransomware IObit Malware Fighter 6, available for download from the following link.

DOWNLOAD |IObit Malware Fighter 6

Iobit Malware Fighter

This program boasts an effective anti-ransomware system (available in the Pro version of the program) that prevents the encryption of files and the blocking of PC activities, so as to render completely any type of ransomware and in general any type of malware.

Antiransomware "width =" 502 "height =" 484 "srcset =" https://www.webnextconf.eu/wp-content/uploads/2019/12/1577501523_511_Ransomware-what-they-are-how-to-remove-them-and-defend.jpg 502w, https://www.giardiniblog.it/ wp-content / uploads / 2018/05 / Antiransomware-300x289.jpg 300w, https://www.giardiniblog.it/wp-content/uploads/2018/05/Antiransomware-436x420.jpg 436w "data-lazy-sizes = "(max-width: 502px) 100vw, 502px" /></p>
<p>To protect the folders from unauthorized access and modifications (such as those carried out by a ransomware), the Safe Deposit Box functionality (also available in the Pro version) is available, which protects the folders indicated by the harmful action of any malware.</p>
<p><img class=

This program is definitely the best system to protect a PC in the hands of an inexperienced user from the attack of ransomware, so as to also avoid the loss of files.

Kaspersky Free

Another way to avoid ransomware infections is to use a complete antivirus that is effective in blocking malicious links and all types of threats before they can do harm; the best free antivirus for Windows 10 currently Kaspersky Free, downloadable from the following link.

DOWNLOAD | Kaspersky Free

Kaspersky_Free "width =" 772 "height =" 575 "srcset =" https://www.webnextconf.eu/wp-content/uploads/2019/12/1577501523_268_Ransomware-what-they-are-how-to-remove-them-and-defend.jpg 772w, https://www.giardiniblog.it/ wp-content / uploads / 2018/05 / Kaspersky_Free-300x223.jpg 300w, https://www.giardiniblog.it/wp-content/uploads/2018/05/Kaspersky_Free-768x572.jpg 768w, https: // www. giardiniblog.it/wp-content/uploads/2018/05/Kaspersky_Free-600x447.jpg 600w, https://www.giardiniblog.it/wp-content/uploads/2018/05/Kaspersky_Free-80x60.jpg 80w, https: //www.giardiniblog.it/wp-content/uploads/2018/05/Kaspersky_Free-265x198.jpg 265w, https://www.giardiniblog.it/wp-content/uploads/2018/05/Kaspersky_Free-696x518.jpg 696w, https://www.giardiniblog.it/wp-content/uploads/2018/05/Kaspersky_Free-564x420.jpg 564w "data-lazy-sizes =" (max-width: 772px) 100vw, 772px "/></p>
<p>Just install it and forget it, the antivirus will take up little memory space and act decisively and punctually in the event of threats from ransomware or any other type of malware.</p>
<h3 id=How to remove ransomware

To remove a ransomware you can use dedicated tools (starting from the assumption that your antivirus has failed to stop the threat and / or has been deactivated) which can be downloaded free of charge below (you can use them in Safe Mode or from recovery disk):

To unlock the files that have fallen victim to ransomware (they must be treated separately, it is not enough to remove the ransomware to unlock them) you can use the following tools:

I remind you that not all encrypted files can be decrypted in the current state, therefore it is always better to periodically make backup copies so that you can recover files lost due to ransomware.