The word ransomware conjures images of kidnappers and ransom notes. But that doesn't quite capture the reality of PC ransomware. In fact, "it\u2019s not always obvious when ransomware is the problem," says Mike Cobb, director of engineering at data recovery and digital forensics firm DriveSavers.For example, when ransomware affects a server and the storage connected to it, \u201cthe remote user trying to access the shared volume will not have seen the ransom note and the files will no longer open up properly. It will look like corruption to the users and until the system admin looks at the server to see the ransom note all users can be chasing their tails.\u201dIf you think you might be a victim of ransomware, here are the signs Cobb says you should look for:1. A splash screen blocks accessThe most obvious sign that you're infected with ransomware is a splash screen upon startup that prevents you from using the computer and provides instructions on how to pay the ransom to restore access.If you encounter a screen like this, you're likely a victim of lock screen ransomware.2. Files that won't openIf you are unable to open individual files on your machine and get an error message like one of these, you might be a victim of encryption ransomware:Windows: \u201cWindows can\u2019t open this file\u2026 To open this file, Windows needs to know what program you want to use to open it. Windows can go online to look it up automatically, or you can manually select from a list of programs that are installed on your computer.\u201dMac: \u201cThere is no application set to open the document\u2026 Search the App Store for an application that can open this document, or choose an existing application on your computer.\u201d3. Odd or missing file extensionsThose letters after the dot at the end of a file name are the file extension. They let your computer know what type of file it needs to read. Common file extensions include .doc, .exe, .pdf and .jpeg.Files encrypted by ransomware often have extensions that end with something like .crypted or .cryptor. Many times, these files are missing file extensions altogether. In all of these instances, the Finder will display a blank icon for the file type.4. You've received instructions for paying the ransomIf your computer has been infected with ransomware, the hacker responsible will have left payment instructions for you. Remember, the hacker wants you to read these files because their ultimate goal is to get paid, so the files should be somewhat easy for you to find.Look for .txt or .html files that begin with an underscore (_) followed by clear language in all caps, such as \u201c_OPEN ME\u201d, \u201c_DECRYPT YOUR FILES\u201d or \u201c_YOUR FILES HAVE BEEN ENCRYPTED.\u201d There will be at least one instruction file located in every folder that contains data that has been encrypted by the ransomware.I've got ransomware. Now what do I do?Cobb emphasizes that you shouldn't open the instruction files unless you intend to pay the ransom. But the question of whether or not to pay is itself controversial.Many experts say this should be a last resort, while others, like, Trend Micro's Christopher Budd say you should never pay a ransom. "Remember, you\u2019re dealing with criminals," writes Budd in a blog post. "There\u2019s no guarantee you\u2019ll actually get all your files back."Here are the three steps Budd says you should follow instead of paying the ransom:Turn off your computer and disconnect it from the internet.Restore from backup if you've got one.If that doesn't work, you can visit Trend Micro's ransomware resource page for additional help.