WannaCry: What to do if your computer is infected

You'd think everyone by now would know not to open attachments in dodgy emails, but the spread of the WannaCry ransomware has proven many still don't.

Computer security experts have doled out the usual advice - keep your computer's operating system up to date and ignore emails from strangers. But what can you do if you - or more likely, your parents or grandparents - have a lapse in judgement and fall victim?

Here are a few options you might want to consider - but first, one you definitely shouldn't.

Pay the hackers off

When WannaCry takes over your computer, it creates encrypted copies of your files, and deletes the originals. That means you can't use those files until they're decrypted. Helpfully, the hackers provide a tool for doing just that - you've just got to pay US$600.

Do not do this, under any circumstances. It only encourages them, and it's a waste of your money.

Reset your computer

For the vast majority of viruses, a good old-fashioned reset will set your computer right. I don't mean turning it off and turning it on again - hackers are bit cleverer than that. I mean literally wiping the hard drive clean and starting with a fresh installation of Windows.

For users of Windows 10, it's easy - open your settings, go to the 'update and security' section, choose 'recovery', then 'reset this PC'. From there you can choose whether to keep your files or go scorched earth, and wipe everything clean - since your files are encrypted, you want the second option.

Reset Windows PC
What you'll see on Windows 10 (file)

Now hold on, you're probably thinking - won't this delete the very files I'm trying to recover? Yes, yes it will. Only go down this route if you want to nuke WannaCry at all costs, or all your important files are backed up in the cloud - in which case you can re-download them afterwards.

If you're on an older version of Windows, it's generally a bit trickier to reset your computer, often involving the original discs (remember those?!). There are plenty of how-to guides on the internet - find a reputable website and follow the instructions, or if you're not confident, enlist a professional or young person with an interest in ancient tech.

If you want a picture guide on how to reset Windows 10, check out laptopmag.com's guide here

Restore your computer to a previous state

If you're not prepared to wipe everything and start again, recent versions of Windows allow you to roll back the operating system to a previous state. Usually this is used to uninstall an update or app that didn't quite go right. How-to-Geek has a guide on how to do this on Windows 7, 8 and 10, as does Microsoft. 

The problem with WannaCry, however, is that a system restore doesn't affect files - so even though this might get rid of the malware (though it's not guaranteed), the files might still be encrypted.

Bleepingcomputer has a short guide on a related, but slightly different trick - how to use system restore to roll back file versions. As the site explained it's not a guaranteed fix, but worth a shot if your files aren't backed up anywhere. 

Download a tool

A number of sites over the past few days have started offering apps which claim to be able to remove WannaCry.

If you decide to go down this route, proceed with caution - just like you're not supposed to trust emails from strangers, the same goes for strange websites.

Some apps on offer require payment, others probably won't work and many are bound to contain viruses of their own. A few Newshub has looked at were so complex, you'd need a pretty advanced level of computer knowledge to safely navigate their installation and operation.

WannaCry in action (file)
WannaCry in action (file)

Others might be easy to install, but come with additional apps you never asked for or won't do the job unless you pay for a licence - and paying up is what we're trying to avoid here!

If an app is being offered by a known, legitimate software security company - like Symantec, AVG, Sophos for example - you can probably assume it won't do any harm, even if it doesn't succeed in eliminating WannaCry. Same goes for popular, trusted anti-malware offerings like MalwareBytes and Spybot.

A number of websites are also offering tools to decrypt files locked up by WannaCry - same advice applies here. Be careful, and don't do anything you don't quite understand.

Follow a step-by-step guide

Some websites have guides on how to manually remove WannaCry, but again - proceed with caution.

Though they're much less likely to deliberately harm your computer than any apps you might download off the internet, it's very easy to break vital parts of your computer's operating system if you don't understand what you're doing.

For example, many guides Newshub looked at suggested making edits to the Windows registry - if that phrase means nothing to you, it's best you stay well away.

Here's a tip Microsoft itself has suggested - disabling the very Windows function, SMBv2, which contained the flaw. Of course, if your version of Windows is up to date with its security patches, this isn't necessary - the flaw WannaCry exploits was actually fixed back in March.

This site has another step-by-step method you could try that involves booting your computer into what's called 'safe mode'.

Again however, none of these methods are likely to decrypt your files - but could stop any more ending up that way.

How to keep your files safe even if you do get infected

A cloud - not the Cloud (Getty)
A cloud - not the Cloud (Getty)

You might have heard of something called 'the cloud'. No, it's not a literal cloud, or that wavy building on the Auckland waterfront.

In computer terms, the cloud literally just means someone else's computer - usually thousands and thousands of them, packed into warehouses in cold climates.

If your important files are duplicated in the cloud, then even if your computer gets infected, you can have the peace of mind copies of them are kept safe elsewhere.

So how do you get your files in the cloud? It's easy - there are plenty of apps to choose from, including Google Drive, Microsoft Onedrive and Dropbox. Most have a free offering, but if you need more storage it usually only costs a few bucks a month.

Many of them work by creating a folder on your computer, and anything that goes into that folder gets uploaded to the cloud, safe and sound in case anything ever happens to your machine. It really is that simple.

But of course, the old advice is still the best - don't open dodgy emails, resist the urge to click on everything you see on the internet, and it's unlikely you'll have problems with ransomware and viruses in the first place.

Good luck!


Contact Newshub with your story tips: