Ransomware is one of the fastest growing security threats in the online world. Over the last few years, ransomware attacks have become increasingly common to the extent that these attacks have evolved into one of the most harmful forms of cyber attack there is.
Ransomware attacks can target any PC user, whether it’s a home computer, endpoints in an enterprise network, or servers used by a government agency or healthcare provider, and prevent you from accessing and using your computer. Ransomware can also encrypt files so you can’t use them, stop certain apps from running (like your web browser), and even demand that you pay money to get access to your PC or files. And most worryingly of all, there is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.
While there are many different types of attack with varying levels of sophistication, all kinds of ransomware have one end goal: to demand money with menaces: it takes control of your PC, and wants you to pay to get it back. In general, it’s best to avoid paying.
If you feel you have no choice, then the malware has exposed critical flaws in your malware protection, and backup and recovery procedures. No reputable business should ever find itself in this position – ransomware shouldn’t even get through if a PC is running a fully updated copy of Windows, Microsoft’s SmartScreen or Google Safe Browsing, and up-to-date anti-virus software.
Nowadays, most anti-virus software is familiar with all the common variants of ransomware, and if not, should include heuristics that recognise potentially dangerous activities, such as encrypting files. Unfortunately, users can install ransomware themselves, either by downloading infected files or by running files that arrive in phishing emails. Worryingly, some users have been caught out by ransomware that infects files on the server as well as on individual PCs, when they did not have adequate offline or cloud backups.
Experts in cyber security estimate that the occurrence of ransomware attacks nearly doubled between the first half of 2015 and first half of 2016, but 79 brand new ransomware ‘families’ appeared in the first six months of 2016.
Since the threat of ransomware is sky-rocketing out of control, here’s our pick of the best free and paid ransomware removal tools available right now.
Microsoft’s EMET
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) helps raise the bar against ransomware attackers by protecting against new and undiscovered threats even before they are formally addressed through security updates or antimalware software.
There are 12 security mitigations in EMET that complement other defence-in-depth security measures, such as Windows Defender and other antivirus software, installing with default protection profiles, such as XML files that contain preconfigured settings for common Microsoft and third-party applications.
HitmanPro.Alert
HitmanPro.Alert turns your computer into a highly undesirable victim by blocking the core techniques and exploits malware uses to hide from antivirus software. It also detects crypto-ransomware, simply by observing the behaviours that these threats exhibit. It even makes sandbox-aware malware terminate itself by vaccinating or ‘camouflaging’ your PC as a virus researcher.
Zemana Anti-Malware
Zemana AntiMalware is a second-opinion malware scanner designed to rescue a computer from ransomware that has infected the computer despite all the security measures taken. It uses cloud-based scanning to reduce detection time for new virus outbreaks and to improve scanning performance. So if a sample is detected as malicious, all Zemana users are protected in the future against that specific threat.
Bitdefender Anti Crypto Vaccine and Anti-Ransomware
Bitdefender’s vaccine tool can protect against known and possible future versions of crypto-ransomware families, such as the CTB-Locker, Locky and TeslaCrypt malwares, by exploiting flaws in their spreading methods. However, keep in mind it’s simply a protection tool that sits in the system tray and alerts you to potential dangers and not a malware removal tool.
Malwarebytes Anti-Ransomware
Malwarebytes Anti-Ransomware uses advanced “proactive” technology that monitors what ransomware is doing and stops it cold before it touches your files. The app doesn’t rely on signatures or heuristics, so it’s light and completely compatible with existing antivirus software. Malwarebytes Anti-Ransomware is said to protect against infections such as CryptoLocker, CryptoWall, or CTBLocker, and can apparently also defeat new ransomware that’s never even been seen before. It’s worth noting however that this software is currently in Beta, so might not be entirely stable and should be installed in non-production environments for testing purposes only.
If you haven’t see our other Ransomware articles, including hints on using PA File Sight to detect a ransomware outbreak on the server, you can see those articles here.