Tech Q&A: Anticipate ransomware, back up and unplug

Steve Alexander, Star Tribune (Minneapolis) on

Published in Business News

Q: My Windows 7 PC recently displayed a notice that my data files had been encrypted (encoded so that they can't be read), and that to decrypt them I needed to contact a specified e-mail address within 24 hours. I didn't respond, and now neither my IT person nor the Trend Micro security company can decrypt my files, which I hadn't backed up. What can I do?

Paul McConville, Outing, Minn.

A: Unfortunately, there's no simple solution for a ransomware attack, in which a hacker gains access to your PC, encrypts your files and demands money to decrypt them.

A few types of ransomware have been cracked by security experts (see, and free software is available to undo the file encryption those programs caused (see But for many other types of ransomware, there is no fix. If you don't contact the hackers and pay the ransom, your files remain encrypted. And there's no guarantee the hackers will decrypt your files just because you pay.

Why is ransomware so hard to overcome? When encryption software is used to lock data files, it generates an electronic key that can unlock them. But in ransomware attacks, only the hackers have the key. Trying to "guess" the key with a program that rapidly tries many possible variations could take from months to lifetimes -- and beyond (see

As a result, you need to be prepared for ransomware attacks. Beyond the obvious advice -- avoid suspicious e-mails and website links -- you should make frequent backups of your files to an external memory device, then unplug that device from the PC. Why? Any memory device that's connected to your PC can have its files encrypted by the ransomware. Most cloud storage services connected to your PC also are vulnerable (others claim to be immune because they save archival copies of your unencrypted files.) Don't take a chance. Disconnect your backup.

Q: My Windows 10 PC recently began to display the error message: "Error in C:\Windows\system\LogiLDA.dll Missing Entry: Logifetch". What's wrong?

Tom Butler, Reading, Pa.

A: The problem is caused by the "Logitech Download Assistant" program, which updates the software for your PC's Logitech mouse. I suggest you disable it by right-clicking on the Task Bar at the bottom of the screen, then choosing Task Manager from the menu. In Task Manager, click on the "startup" tab, and in the resulting list find "LogiLDA." Right-click it, and from the drop-down list choose "disable." (To get future Logitech mouse updates, go to

Sponsored Video Stories from LifeZette

Q: Following the installation of a "critical update" on my Windows 7 PC, I'm unable to access my files because I'm a "temporary user." What can I do?

Mark LaFond, Bemidji, Minn.

About The Writer

Steve Alexander covers technology for the Minneapolis Star Tribune. Readers may write to him at Tech Q&A, 425 Portland Ave. S., Minneapolis, Minn. 55488-0002; email: Please include a full name, city and phone number.

(c)2018 Star Tribune (Minneapolis)

Visit Star Tribune (Minneapolis) at

Distributed by Tribune Content Agency, LLC.



blog comments powered by Disqus