Help please. Cryptowall 3.0 bit me.

[Frederick Skelly]

My personal desk top got infected tonight. Im working from a tablet right now. I thought I stopped the opening of that zip file but obviously didnt. Im not about to click any of their links or download their special SW. Ive already screwed up once tonight. I dont know how high their ransom is, but Im guessing that even if I got my data back Id have backdoors and spyware installed all over the place. This computer is about 4 yrs old, running Vista. I backed up a few months ago and, while inconvenient, could probably live without the data Im losing.

Is there a straight forward way to recover - like go back to my last restore point? Else, I might just go buy a new machine for $500.

Id really appreciate your advice on how to correct this.

Thanks guys.
Fred

[Keith Westfall]

I have a couple of these sites and just hit ctrl>alt>delete, log off and then reboot. Not sure if it will work for all sites though...

[Frederick Skelly]

I have a couple of these sites and just hit ctrl>alt>delete, log off and then reboot. Not sure if it will work for all sites though...

Thanks Keith. Im bitten real good. Rebooting didnt help. (Sigh)

[Phil Thien]

Was your backup drive attached when you got hit?

If not, I'd suggest secure-erasing the drive and then restoring your backup.

[Frederick Skelly]

Was your backup drive attached when you got hit?

If not, I'd suggest secure-erasing the drive and then restoring your backup.

Thanks Phil. It was not attached - one good thing! I appreciate your advice.
Fred

[Peter Stahl]

I loaded some software my Vista PC didn't like, wasn't a virus but got a Blue screen when I rebooted. I did a System Restore from Safe Mode and everything was good again. Do a Google search to see how to do a System Restore for you computer as each one is a little different. You won't lose anything when do this except programs that got loaded (i.e Virus) after the date of the restore you pick.

[Frederick Skelly]

I loaded some software my Vista PC didn't like, wasn't a virus but got a Blue screen when I rebooted. I did a System Restore from Safe Mode and everything was good again. Do a Google search to see how to do a System Restore for you computer as each one is a little different. You won't lose anything when do this except programs that got loaded (i.e Virus) after the date of the restore you pick.

Thanks Peter!

[Chuck Wintle]

My personal desk top got infected tonight. Im working from a tablet right now. I thought I stopped the opening of that zip file but obviously didnt. Im not about to click any of their links or download their special SW. Ive already screwed up once tonight. I dont know how high their ransom is, but Im guessing that even if I got my data back Id have backdoors and spyware installed all over the place. This computer is about 4 yrs old, running Vista. I backed up a few months ago and, while inconvenient, could probably live without the data Im losing.

Is there a straight forward way to recover - like go back to my last restore point? Else, I might just go buy a new machine for $500.

Id really appreciate your advice on how to correct this.

Thanks guys.
Fred

Can you wipe the hard d rive and reinstall windows? Do you have the original install disk? The cryptovirus infections are difficult and a ransom is usually demanded to unlock the computer. If you can go back to a restore point then maybe it will work again. But with your backup files, as was mentioned, are safe but do not connect the external drive until the virus is gone.

[Chuck Wintle]

or possible this youtube video may be of some help...
https://www.youtube.com/watch?v=gPelrlpQIJg

[Tom M King]

Reboot in safe mode. When you turn the computer back on, keep hitting F8 until safe mode is available. You might have to reboot several times until this is successful. Select Safe Mode with Networking so you can use the internet. Download Spyhunter and run it to clear the virus.

edited to add: Sorry I missed the Vista part of the original post. I don't know anything about that.

[John Coloccia]

Buy a new drive (they're cheap) and restore to that.

All of this other advice is going to do absolutely nothing for CryptoWall. Those files on that drive are gone...finito...no more. Getting rid of the virus will do zippo to get the data back. If you'd like to, keep the drive around and wait. They may find these guys and gain access to the private keys, just like they did with CryptoLocker, and then you can get the data back.

[Myk Rian]

Buy a new drive (they're cheap) and restore to that..

^^This^^
What happens is the boot sector gets the infection. You are not going to fix it with Safe Mode, scan programs, anything.
Toss the drive and re-install.
Also consider a new machine. Even Microsoft admits Vista was a bad idea.

[Brian Elfert]

For the future I recommend backing up to the cloud if you have a decent Internet connection. I pay $50 a year with Acronis Cloud, but I also had to spend about $50 for the software. I back up my machine every day both to an external drive and to the cloud. I do both as the hard drive restore will be much faster if my main drive fails. I don't think the virus could get to the files in the cloud, at least not yet.

I know some are worried about data mining and security in the cloud, but I am not that worried about it.

[John Coloccia]

You have to be careful. The crypto-whatever viruses often encrypt cloud data too.

[Larry Frank]

Sorry about your troubles....

Moral of the story....backup...backup....backup.....image file

Do not leave your backup drive attached....