Ransomware is any malware that threatens to delete, damage or read the content of your computer unless you pay up. It's often distributed through an email attachment or by tricking you into downloading it from a website. Modern ransomware can encrypt your data, so there's no easy way to recover it without the decryption key.
How Does Ransomware Spread?
Ransomware has existed in various forms for over 20 years. It is known to be a type of malware where data or files are held hostage on an infected system. Ransomware is spread through spam emails, malicious emails but also through infected USB drives, and software downloads/installations. If you are not sure whether the email you have received is trustworthy, do not open any attachments and delete the message. And make sure to update your antivirus software.
After clicking on an email that appears to be from a legitimate sender or downloading software that was not obtained directly from the manufacturer, the file will install the malware onto your device when you click next without reading any warning screens about what it will do to your device. After this point, you're likely at risk of further infection by other ransomware strains since it can't be removed without paying for it with Bitcoin or another similar cryptocurrency service.
About HELPME Ransomware
The malware, HELPME, is designed to encrypt data (render files unusable) and demand payment for the decryption. Affected files are renamed according to this pattern: original filename, a unique ID assigned to the victim, the cyber criminals' email address, and a ".HELPME" extension. For example, a file like "1.jpg" would appear similar to "1.jpg.[ID-9ECFA84E].[email@example.com].HELPME".
How to Remove Ransomware from My Computer
What should you do if you think your computer might have been infected? The first thing to make sure of is that you have a backup of all your important files. If you do not have a backup, then see if any documents are available online. Next, if your computer is infected with ransomware, then try using the SFC utility which might be able to fix any damaged files. If this doesn't work, search for utilities that will break the encryption on these types of ransomware.
Here are a few steps to help identify and fix the problem:
- Reboot your computer in safe mode with networking
- Scan your PC with anti-virus software from a trusted vendor.
- Perform an Internet search for 'ransomware' and see if a decryptor tool is available
- Perform a file system check with disk check or checking tools.
- Perform a full data backup of your hard drive.
- Perform a full system restore to an earlier time before the ransomware hit your computer