Cryptowall Virus

glicky · 15 May 2014 at 11:59AM

I wonder if any of you kind folks can help me please?

My friend has this Cryptowall virus on her computer which has completely ruined it. Slow as hell and cannot do hardly anything on it. Can't even get into Malwarebytes or MSE. Says it has to be gotten into by an administrator, but when I go in as an administrator, it still won't let me do anything. Has messed up the e-mail too. It won't even allow me to go into Safe Mode.

Anyone know how to get rid of it or do I need to take it into an engineer?

Your help would be appreciated. Thanks in advance.

GunJack · 15 May 2014 at 12:34PM

basically, you can't get their files decrypted without paying the ransom, it's a new variant of Cryptolocker. Clean install of OS and replace pics/docs/music from their backup, or full disk image restore from their last backup image....

what do you mean, what backups?

glicky · 15 May 2014 at 12:39PM

GunJack wrote: »

basically, you can't get their files decrypted without paying the ransom, it's a new variant of Cryptolocker. Clean install of OS and replace pics/docs/music from their backup, or full disk image restore from their last backup image....

what do you mean, what backups?

Sorry.. I'm not tech minded. Could you please explain.

bod1467 · 15 May 2014 at 12:44PM

Basically your mate if funked. The PC needs to be completely rebuilt from scratch. (i.e. using the reinstall partition that came on the PC, or using a reinstall disk that came with the PC or which was created when the PC was first run*).

And then reload all the necessary apps from the installation disks** and then reinstate the files/photos etc. from the backups that were made***

* This WAS done, wasn't it?
** The installation disks ARE available, aren't they?
*** Your mate DOES have backups, doesn't he?

glicky · 15 May 2014 at 12:48PM

bod1467 wrote: »

Basically your mate if funked. The PC needs to be completely rebuilt from scratch. (i.e. using the reinstall partition that came on the PC, or using a reinstall disk that came with the PC or which was created when the PC was first run*).

And then reload all the necessary apps from the installation disks** and then reinstate the files/photos etc. from the backups that were made***

* This WAS done, wasn't it?
** The installation disks ARE available, aren't they?
*** Your mate DOES have backups, doesn't he?

Thanks.

No she doesn't have back ups

Are all her documents "funked" too?

So basically....... "bin it"?

GunJack · 15 May 2014 at 12:57PM

glicky wrote: »

Thanks.

No she doesn't have back ups

Are all her documents "funked" too?

So basically....... "bin it"?

no, not bin it, the pc will work again AFTER a complete re-install of the operating system (whichever version of windows was on it)...

....but all her pics/music/docs stored on it are funked....

GunJack · 15 May 2014 at 1:00PM

IF there's a recovery partition on the hdd, you could reinstall from that, then use CCleaner's free space wiper to wipe the rest of the drive to ensure no trace is left of the actual virus...

glicky · 15 May 2014 at 1:21PM

GunJack wrote: »

IF there's a recovery partition on the hdd, you could reinstall from that, then use CCleaner's free space wiper to wipe the rest of the drive to ensure no trace is left of the actual virus...

There is a recovery drive on the computer but it looks like it's infected that because on there it says Decrypt Instructions

GunJack · 15 May 2014 at 1:28PM

oh well, shame - sometimes they escape the initial infection

If you supply the full make & model of the laptop a certain niftydigits may be able to find a machine-specific windows installation disk for it

... you may need to PM him

Cryptowall Virus

Comments

Confirm your email address to Create Threads and Reply

🚀 Getting Started

Categories

Is this how you want to be seen?

Get our FREE Weekly email full of deals & guides - and it’s spam-free