How to remove CryptoWall virus and restore your files
- Thread starter raptorizedguy
- Start date
Depends.... if you have backed up your computer, you could restore it to a previous day, but I don't think you've been burning DVD's or USB sticks. If you use any of the cloud services, you could format your computer and restore data from the cloud (Apple cloud, Microsoft etc).
As this is a ransomware, you can't dis-infect it, like Viruses.
hope this helps.
Also, look into this stuff for prevention of future attacks. Also, read the second page, as well.
https://www.foolishit.com/cryptoprevent-malware-prevention/
http://www.welivesecurity.com/2013/...ct-against-ransomware-including-cryptolocker/
https://www.foolishit.com/cryptoprevent-malware-prevention/
http://www.welivesecurity.com/2013/...ct-against-ransomware-including-cryptolocker/
My tech guy didn't back it up but mirrored my data ... Years of excel spreadsheets all Crypted ..
Only if you like to support terrorism and oppression, and to encourage the bastards to continue with their behaviour. There is also NO guarantee that you will get the two keys needed to unlock the RSA encryption.
https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29
[url]https://en.wikipedia.org/wiki/CryptoLocker
[/URL]
The back-up MUST be offline, as much as possible. Mirroring is only good for backup to help against a defective drive, like RAID systems. One of my kids' computer got crypted, and I immediately took it and the home server down to try to save as much as possible. We were lucky, but the bastard cryptolock started to damage the public folders, as well as the drives shared/mapped on the infected computer.
Not having a backup is not your tech guys responsibility, it is like driving without car insurance. Sorry to hear about your files getting lost.
Did the OP lose all his files on the internal harddrive and can't get them back? Or, is his computer "locked" and he can't use his computer at all?
If he could catch the virus early enough, some of the files might have been uncorrupted.
Don't tell anybody. I have all my sensitive stuff on an external harddrive and I keep my live time on the Internet very short when I'm doing sensitive stuff and then I hop off the Internet and disconnect my external harddrive. Please tell me this minimizes my risk of an attack.
It al depends on how long you keep your hard drive connected to the infected computer. I would hazard a guess as to say that any amount of time, no matter how short, is bad and dangerous. Also, it depends on where the virus will reside. My guess is that it resides in a hidden file ini a sub-directory labelled App Data. But, take no chances!
So, the infection is most likely somewhere in the INTERNAL harddrive and not in the external harrddrive so my files in the external should be safe. The solution would then be to remove the old internal harddrive and replace it with a new harddrive and re-install the operating system (always keep your installation disc).
I think that might work. But, check the files on your external hard drive with an anti-virus program before you connect it to your newly installed operating system!
OS installation discs may become a thing if the past.
I have W7 that qualified for the new W10.
Had a choice of doing the upgrade to W10 or DL W10 to a thumbdrive as a bootable ISO file. The ISO file option lets you do a fresh install, which I always preferred, of W10 or any new OS. This also allows you to keep W7 on your original HDD . Got a new SSD for W10. SSDs are cheap now. Used the thumbdrive ISO file and W10 installed in 5 minutes, then took 6 minutes to update and tweak and then W10 was good to go on a new separate SSD. We've had this capability of installing Linux OSs off thumbdrives for years. Glad to see M$ is finally following suit. Always make sure backup files placed on your external drives are clean and you should be OK.
CryptoWall virus is a nasty one requiring you being super vigilante with Windows.
All the more reason I'm glad to be using Linux now, avoiding this worry.
I agree it's a good idea to do an anti-virus (I use the free AVAST) check.
Question: Do I have to check all the files or can I do a small sample? If the small sample is "clean" can I assume the rest of the files are also clean?
To Woodpeckr: Thanks for the info in your post.
You know I wonder how much free Anti-Virus really does these days? The last year and a half I find my scans with AVAST Free & MalewareBytes Free come up clean practically every time compared to 2012-2013 or even more so compared to AVG & Spybot for a few years before that. Also hardly get more than one real-time intervention in a year.
I find it difficult to believe that the Internet is so dramatically safer than it was 2 or 3 years ago but rather more likely that free security software just isn't keeping up and is blind to many current threats & spyware methods. Is that paranoid?
:Eek:
Yes. AVAST, MalewareBytes CCleaner and other free AVs are just getting better all the time.
But Windows remains a security sieve under constant attack. That's why Linux with better security is superior....
