Browsed by
Tag: virus

Cryptowall: Remove and delete encrypted files

Cryptowall: Remove and delete encrypted files

These are the steps I’m going to be taking to remove the Cryptowall Virus and restoring my files to their previous state.

At present, I have the following means at my disposal.

  • System restore – Including restore shadow volumes
  • Online backups – Onedrive/Google drive
  • Offline backups – Solid state drive backups

Using a combination of these, I intend to restore my files to their previous state.

Step 1: Remove Virus:

To get things rolling again, and make my computer safe to use. I’ve to rid myself of the Virus.

Boot-time scan for viruses

Boot-time Scan

Most anti-virus software worth their salt have this option.

Has to be a boot-time scan to unsure your operating system and the connected files are not affected.

For my computer, which has 220GB used on the hard drive, it took around 3 hours.

Malware Bytes Scan

Malware bytes seeks those pieces of not-yet-virus material.

If you want to prevent your computer from getting the infection again, you need to run this.

JRT Scan

Junkware Removal Tool, or JRT.

Similar to Malware bytes, it simply insures that files associated with dubious activities won’t infect your machine in the future.

You may get some false positives with this, so not everyone likes to use it…

These steps are essential to ensure you have a clean system.

Read More Read More

(Visited 12 times, 1 visits today)
Cryptowall takes over my computer

Cryptowall takes over my computer

So….. Turns out the NHS, Fedex and a number of other companies and organisations have been hit by this same Ransomwear virus.

According to Avast, (who I use), there have been infections in 99 countries in the last 2 days.

Apparently, the NHS are still using windows XP on their computers. A 12 year old operating system.

Windows stopped patching XP on April 8, 2014.

That means it’s a sitting duck for systems using XP.

On my cloudflare account, most attacks come from XP computers, simply because they are so easy to commandeer and bend to the wills of evil hackers.

How to fight ransomwear?

If you, like I, did a search on this, “how to fight ransomwear, get rid of it from your computer”, it turns up a number of companies claiming to be able to ‘fix’ your system for exorbitant amounts of money.

I’ve done my own guide to removing ransomwear from your computer.

It works pretty well.

It worked when I got randsomwear, and you can find it here. My guide to removing ransomwear from your computer.



Cryptowall, ever heard of it? I hadn’t until tonight…

…. Watching Lost this evening… I went to open up VLC player, and I noticed that it was taking a long time to start-up.

Opening Process Explorer, I saw the SVChost, (a common windows task), in explorer.exe taking up around 4% of CPU.

Thought nothing of it. I know SVChost runs in the background carrying out important tasks for the operating system.

Watched Lost, (Series 4 Episode 8, ‘The shape of things to come’), as I finished, this PNG was displaying on Windows picture preview.Crytowall Ransomwear

I’d not opened this file. It was telling me Cryptowall, whilst I was watching lost, had encrypted all the files on my computer using RSA-2048 encryption.

My Pictures Library now looks like this….

Read More Read More

(Visited 24 times, 1 visits today)