3 Replies Latest reply on Aug 7, 2016 7:13 AM by Peter M

    Does McAfee Livesafe remove or prevent Ransomwear?

    kensantori

      I am running Livesafe in realtime scan mode and it did not prevent a Ransomwear program from encrypting all my datafiles.

       

      1 Are my settings wrong?

      2 or Do I need another product

      3. can I recover and remove it?

        • 1. Re: Does McAfee Livesafe remove or prevent Ransomwear?
          Peter M

          Moved to Malware Discussion > Home User Assistance.

           

          Ransomware is caused by surfing or downloading/file sharing unwisely and then clicking a key or your mouse when you see the first sign of trouble.

          That activates it.  Always power straight off when you see something like this happening, guidelines in the link below.

          Nothing will prevent them 100% because there are new versions out every day.

          **What's the name of it?**

          Try rebooting into Safe Mode and starting System Restore from there.

          If it boots to your desktop successfully in Safe Mode, click Windows key + R then type rstrui.exe

          That should bring it up in a list above - start it from there and see if you can go back to before it happened.

          If successful temporarily disable System Restore to delete the infection.

           

          Anti-Spyware/Malware/Hijacker Tools

          • 2. Re: Does McAfee Livesafe remove or prevent Ransomwear?
            catdaddy

            kensantori,

                                     I might add if I may, always keep a 'Backup' of your system as well. This will assist you in not having to pay to regain your system files/programs. As Colleague ExBrit stated, you have to be diligent in paying close attention as to what you allow/click on.

            • 3. Re: Does McAfee Livesafe remove or prevent Ransomwear?
              Peter M

              Asking again, what's the name of this Ransomware? 

              I would imagine there is general protection but these things are configured to sneak in past any antivirus and are activated by the user when  they click anything or key anything in.

              They are revised by the malware developers almost daily to fool any detection.

              If you read the link I provided in my first answer you'll see that MalwareBytes have a standalone Beta Anti-Ransomware tool, but note it's Beta, meaning it's only being tested and is only intended as a possible preventive measure not a cure.

              Once ransomware hits there isn't much you can do other than format and reinstall your system.  Paying the ransom only makes the crooks stronger and has no guarantees that you'll get your system back intact. Hopefully you keep backups as Catdaddy has said.