- Anatova ransomware is a dangerous type of cyber-attack that targets local files on your PC, but also shared resources on your network.
- Although ransomware is often difficult to get rid of, Anatova can be easily removed if you follow a few easy steps.
- Check our Ransomware section to discover more about this type of cyber-attack.
- Visit our Update & Security Hub to learn more about keeping your PC safe and secure.
Nowadays, cyber-attacks are becoming more and more common and there’s no sign of stopping them any time soon. Not without a proper strategy, that is.
Anatova ransomware, for instance, is a popular (in the infamous kind of way) attack that affected several machines in 2019.
This ransomware was first discovered on a private peer to peer network by McAfee‘s security researchers.
The researchers studied the prepared modular extension of the ransomware and warned its users about its potential to become a serious threat.
Now here’s why it’s hazardous for any device it reaches: Anatova compels PC users to infect their machines by replicating the icon of an application or a game.
Once your device is infected, two things happen: your local files will get encrypted and all the files on network shares will share the same fate.
In the worst-case scenario, where the attacker wins, the victims have to pay a ransom of 10 Dash coins (valued at roughly $700) to get their files decrypted.
How to get rid of Anatova ransomware?
Enable Safe mode with Networking
It’s possible to stop Anatova ransomware dead in its tracks by using Windows’ Safe mode.
Follow the steps explained below to access Safe Mode and get rid of this piece of malware:
Restore system files and settings
- Launch a CMD instance with Administrator rights
- Type cd restore and hit the Enter button
- In the same CMD window type rstrui.exe and hit the Enter button
- Locate the newly-opened System Restore window
- Click the Next button
- Select the restore point that was created before the Aanatova attack
- Click the Next button
- Hit the Yes button to initiate the restoration process
How can I prevent Anatova ransomware?
Now that you got rid of the Anatova ransomware, you’ll need to make sure it won’t come back.
As usual, prevention is better than cure. Therefore, it’s wise to follow a few safety measures whenever you use your PC, especially while online.
- Always use official, confirmed sources whenever you download games, apps, or any other document
- Avoid shady websites, especially ones that are full of ads and pop-ups, or those that ask for notification permissions
- Don’t open emails that look particularly suspicious
- Avoid clicking attachments in email messages, especially if your email client flagged them as spam and blocked their content
- Use trustworthy antivirus, antimalware, and firewall solutions on your PC
- Don’t ignore any security warning you may see while navigating to a suspicious website
Ransomware is usually dangerous because it can lock you out of important documents on your computer.
With that in mind, it’s easy to see why making backup copies of everything important on your machine can be a good way to fight Anatova ransomware.
Even in the worst-case scenario where your files get locked beyond recovery you won’t have to pay a dime to the attacker, knowing well that you have backup copies.
It goes without saying that the backup copies should never ever reside on the same machine or in the same location as the original files.
Otherwise, you’ll face the risk of losing them to ransomware, as well.
Just use a memory stick or an external HDD and disconnect it once the backup is complete.
All things considered, if you’ve been affected by Anatova ransomware, you can easily get rid of it, granted that you have enabled the system restore option on your PC.
If you manage to get rid of Anatova ransomware, don’t forget to backup your files and take all necessary steps to prevent it (or any other similar malware) from ever returning to your PC.