Sign in with
Sign up | Sign in

How to Use Avast's Ransomware Removal App

By - Source: Tom's Guide US | B 4 comments

UPDATE 6/24/2014: An Avast representative says Avast Ransomware Removal detects more types of Android ransomware than just Simplocker.

Has your Android phone been infected with Simplocker or another type of encrypting ransonware, which infects Android phones and then encrypts files so that you can't access them? Avast Ransomware Removal might be the answer. The free app, from Czech security company Avast, can disable Simplocker or similar types of malware and get your files back for you.

Simplocker is the first true Android crypto-ransomware, but it won't be the last. In addition to blocking other apps, including the phone's Settings and Google Play Store apps, by displaying an obnoxious lockscreen message, Simplocker also encrypts the media files stored on the infected device's SD card. Avast Ransomware Removal eliminates the message screen and decrypts the encrypted media files.

MORE: Best Android Antivirus Software 2014

Typically, if something is encrypted well, there is virtually no way to decrypt it without the encryption key (a sort of password that unscrambles encrypted files). However, Simplocker stores those encryption keys within its code.

"Avast reverse-engineered the key and put it inside our app," an Avast representative told Tom's Guide. 

But don't download Avast Ransomware Removal unless you're already infected with ransomware. When the Avast Ransomware Removal app is installed, it constantly seizes focus -- or displays on top of everything else -- so as to cut in front of the ransomware's lockscreen message. That makes a phone just as unusable as it would be with Simplocker.

But if Simplocker blocks access to the Google Play app, how can you download Avast Ransomware Removal when you do need it? The trick is to download Avast Ransomware Removal remotely, via a computer. Here's how.

UPDATE 6/24/2014: An Avast representative told us that, in its current form, Avast Ransomware Removal detects "most" Android ransomware, not just Simplocker. However, it does not detect the ransomware known as Koler.A. Avast says it will continue to update the app as new ransomware threats appear on the Android platform.

1. In a browser window, navigate to the Google Play Store from your computer.

2. Click the Sign in button in the upper right if you aren't already signed into the same Google account as your Android device. If you are, skip to step 5.

3. Enter your Google email address and password.

4. (Optional) Enter your temporary second password, if you have two-step verification enabled.

5. Go to the "Avast Ransomware Removal" Google Play page by typing it into the search bar or clicking this direct link

6. Click on the green "Install" button beneath the app's name. It will read "Installed" instead of "Install" if you have previously installed it on your phone.

7. In the pop-up that appears, make sure the correct Android device is selected in the dropdown menu (if you only have one device linked to your Google account, this will be the only one listed) and then click "Install." 

8. Click "OK" on your computer screen. 

9. On your Android device, go to your Notifications section and tap on the one that says "avast! Ransomware Removal." (The Notifications screen should be accessible even with a Simplocker infection. On most Android devices, such the Samsung Galaxy S4 used in this tutorial, the Notifications section is accessed by swiping your finger downward from the top of the screen.)

The app will launch and begin scanning your device for Simplocker and any files that have been encrypted by it. During this time, you will not be able to access any of your other apps. You can tap the "Home" button to return to your phone's home screen, but tapping any other app icon will relaunch the Avast Ransomware Removal screen.

10. Once the app is finished removing any Simplocker ransomware, tap the orange "Uninstall" button that appears at the bottom of the screen.

11. Tap "OK" in the following popup, and Avast Ransomware Removal will uninstall itself, so you can go back to using your phone normally.

Email jscharr@tomsguide.com or follow her @JillScharr and Google+.  Follow us @TomsGuide, on Facebook and on Google+.

Discuss
Ask a Category Expert

Create a new thread in the Streaming Video & TVs forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
  • 1 Hide
    RCguitarist , June 24, 2014 12:10 PM
    Great article, Thanks!
  • 0 Hide
    thundervore , June 24, 2014 12:56 PM
    I have encountered Cryptolocker three times in my life while fixing someones PC and "previous versions" always savedthe day (if the user didnt turn it off). On Android i do not see how something like(previous vesions ) will save the day, maybe they should implement something ike it.
  • 3 Hide
    everlast66 , June 24, 2014 4:59 PM
    "How to Use Avast's Ransomware Removal App"
    Essential read for every Android phone owner.
  • Display all 4 comments.
  • 0 Hide
    Draven35 , June 25, 2014 5:09 AM
    I need an article called "How to make Avast stop seeing every workstation application as a potential threat"
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter
  • add to twitter
  • add to facebook
  • ajouter un flux RSS
enjoy