Ransomware question

The machines we love to hate

Moderator: Wiz Feinberg

Brint Hannay
Posts: 3942
Joined: 23 Dec 2005 1:01 am
Location: Maryland, USA

Ransomware question

Post by Brint Hannay »

A couple of times in the past I have been hit with phony alerts that locked my computer screen--no click anywhere would have any effect. (I must have brought them on myself by clicking on links in websites.) One claimed to be from the FBI, the other claimed to be from Microsoft. Of course, I was directed to call a phone number for "assistance" in unlocking the computer.

I knew these were bogus, but what to do? The solution I hit upon was simply to do a hard shutdown of the computer using the physical power button, then restart and see what happened. I couldn't see what else I could do. In each case upon restart the "lock" screen was gone and the computer functioned normally. I ran Trend Micro and MBAM scans and they came up clean.

My question is: I haven't seen anywhere on the web where this procedure is recommended, but it appeared to have worked. But it seems as though freezing the functioning of the computer required getting malware into the computer itself. Could simply rebooting really have cleared out the problem?

As a general question, non-techies like me are prone to worry that the bad guys may have sophisticated malware that can be on the computer and be undetected by security programs, having gotten "behind their backs", as it were--like those movies where "The call is coming from inside the house!". How realistic is this fear?
Wiz Feinberg
Posts: 6091
Joined: 8 Jan 1999 1:01 am
Location: Mid-Michigan, USA

Post by Wiz Feinberg »

What you are describing is not Ransomware. It is a fake security alert that locks your browser, and/or consumes 100% of the CPU, locking up the system. In reality, this is better called Bluffware.

Since Bluffware alerts are browser based, closing the browser, or rebooting the system gets rid of them. They are usually coded to prevent you from closing the browser in the hopes you will phone the scammers for help.

Once you reboot and open your browser, if the browser preferences are set to reopen the previous tabs, it may open to the last visited website where the fake alert was acquired.

Some browsers are more susceptible than others to this kind of scripted attack. Some users are better protected than others with realtime anti-malware solutions that hook into top tier web browsers.

My current operating system and security is Windows 10 Home with Malwarebytes and Microsoft Windows Defender. I browse with the most current version of Firefox, which Malwarebytes hooks into. I use uBlock Origin to block malicious advertising. If I expect to wade into dangerous waters, I turn on NoScript, an Add-on extension for Firefox. It blocks JavaScript based attacks on the spot, before the fake alert pop-ups can be launched. Unfortunately, JavaScript is used for all manner of useful purposes and disabling it breaks many website functions.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
Derrick Unger
Posts: 252
Joined: 31 Jan 2016 8:24 pm
Location: Newark Ohio, USA

bluffware

Post by Derrick Unger »

In Windows 10 hit control, alt, and delete simultaneously..this will bring up task manager..click your browser, usually is the first thing listed..mine is Edge..then click end..should be able to restart your browser again immediately with no ill effects..I feel sorry for those people that do a hard shutdown with their power button..that can do strange things to your system.
Music is good for the soul..playing it is even better! Gretsch6strLapSteel*PeaveyNashville400*HudsonSD-10*DigitechRP360*FenderChampion100*PeaveyKB300*Goodrich120*Behringerx1204*BehringerMini4*Mullen S10"Discovery"*Peavey Vegas400*Princeton112plus*SuperChampX2*SidekickReverb65*Rumble100*MarshallMG50DFX*Nashville112
Richard Sinkler
Posts: 17067
Joined: 15 Aug 1998 12:01 am
Location: aka: Rusty Strings -- Missoula, Montana

Post by Richard Sinkler »

I think Ransomware is pretty much the same, except to unlock your computer, you have to send money. They never give you the info to unlock the computer. You need to give them money using a payment method used at Wal-Mart. Many fall for that. Rebooting doesn't get rid of it like the bluffware you speak of. There's a procedure you have to go through in safe mode. Pain in the butt.

That happened to me twice on my computer. That is more involved to get rid of. I have gotten the same ransomware requesting payment on my iPad, but just rebooting takes care of that.

The FBI one says they found child porn or illegally downloaded music, videos on your hard drive. They say to pay the "ransom" or get arrested.
Carter D10 8p/8k, Dekley S10 3p/4k C6 setup,Regal RD40 Dobro, NV400, NV112 . Playing for 53 years and still counting.