Users who fall victim to ransomware should not to reboot their computers because this could make the infection worse under some conditions, Coveware CEO & Co-Founder Bill Siegel warns. Siegel explained that during the process of locating and encrypting data on an infected system, the ransomware executable sometimes “trips, or is blocked by a permission issue and will stop encrypting.” However, “if you reboot the machine, it will start back up and try to finish the job.”
Coveware is warning people because a recent survey found that 30% of Americans who had their computer infected with ransomware, rebooted their system after discovering the infection in an attempt to remove it. It is also important that victims make sure the ransomware is fully wiped from their system before they start data recovery efforts. Otherwise a reboot will result in the recovered files being encrypted again.
Read more: Experts: Don’t reboot your computer after you’ve been infected with ransomware