After working on his doctoral dissertation for two years, Joe, a user, is unable to open his dissertation file.
The screen shows a warning that the dissertation file is corrupted because it is infected with a backdoor,and can only be recovered by upgrading the antivirus software from the free version to the commercial
version. Which of the following types of malware is the laptop MOST likely infected with?

A.
Ransomware

B.
Trojan

C.
Backdoor

D.
Armored virus

Explanation:
Ransomware is a type of malware which restricts access to the computer system that it infects, and
demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. Some
forms of ransomware encrypt files on the system’s hard drive), while some may simply lock the system
and display messages intended to coax the user into paying.
Ransomware typically propagates as a trojan like a conventional computer worm, entering a system
through, for example, a downloaded file or a vulnerability in a network service. The program will then run
a payload: such as one that will begin to encrypt personal files on the hard drive. More sophisticated
ransomware may hybrid-encrypt the victim’s plaintext with a random symmetric key and a fixed public
key. The malware author is the only party that knows the needed private decryption key. Some
ransomware payloads do not use encryption. In these cases, the payload is simply an application designed
to restrict interaction with the system, typically by setting the Windows Shell to itself, or even modifying
the master boot record and/or partition table (which prevents the operating system from booting at all
until it is repaired)
Ransomware payloads utilize elements of scareware to extort money from the system’s user. The payload
may, for example, display notices purportedly issued by companies or law enforcement agencies which
falsely claim that the system had been used for illegal activities, or contains illegal content such as
pornography and pirated software or media. Some ransomware payloads imitate Windows’ product
activation notices, falsely claiming that their computer’s Windows installation is counterfeit or requires
re-activation. These tactics coax the user into paying the malware’s author to remove the ransomware,
either by supplying a program which can decrypt the files, or by sending an unlock code that undoes the
changes the payload has made.Incorrect Answers:
B: In computers, a Trojan horse is a program in which malicious or harmful code is contained inside
apparently harmless programming or data in such a way that it can get control and do its chosen form of
damage. Ransomware can be distributed as a Trojan but the term Trojan does not specifically describe
the attack in this question.
C: A backdoor in a computer system is a method of bypassing normal authentication securing
unauthorized remote access to a computer while attempting to remain undetected. The backdoor may
take the form of an installed program or may subvert the system through a rootkit. A backdoor is not
what is described in this question.
D: An armored virus is a type of virus that has been designed to thwart attempts by analysts from
examining its code by using various methods to make tracing, disassembling and reverse engineering
more difficult. An Armored Virus may also protect itself from antivirus programs, making it more difficult
to trace. To do this, the Armored Virus attempts to trick the antivirus program into believing its location is
somewhere other than where it really is on the system. An armored virus is not what is described in this
question.

http://en.wikipedia.org/wiki/Ransomware
http://www.webopedia.com/TERM/A/Armored_Virus.html