Dear Geeks,
I've recently had some problems with the cryptowall virus, or "save_your_files virus".
I followed many different procedures, which I've found on the net, trying to avoid the fake ones.
Please, mind that currently I have no important files on this pc, so I don't need to restore them (which seems to be the real problem). I just want to have a 100% healthy pc.
What I tried:
The number 5 of this guide
https://malwaretips....ncrypted-virus/
which is to say:
-Malwarebytes (it found cryptowall -about 6 different files- and removed it)
-Hitman (for a doublecheck, it found only one issue, which I think wasn't correlated with the virus)
Safe mode
I found many videos that suggested this solution. In my OS (Windows 8.1) I didn't find the same path that they showed.
I followed 2 different paths:
1) Local Machine -> software -> Microsoft -> Run (which was empty in my case, and in many videos wasn't)
2) Current User (or something like that) -> software -> Microsoft -> (here one video found a folder named "cryptowall", nothing like this happened to me) - Run (which was empty in my case, and in many videos wasn't)
So I didn't really found anything useful (maybe because Malwarebyte had already deleted them?)
This Guide
http://www.wintips.o...yptowall-files/
which is to say:
-Roguekiller to stop the virus running the processes (it didn't find anything)
-Malwarebytes (as I had just run it, I didn't repeat it)
-Deleting temporary folders
Now, I don't really know if I've get rid of the virus itself. If i run again any antimalware, they don't find anything. On the other hand, when I start the pc there are still some popups, such as the image and the html file.
I could maybe eliminate them going to the starting processes, but as they could be a signal of the virus' presence I didn't do it yet,
Can you help me? Do you think i still have the virus or not? How to resolve best the problem (and the popups)?
Thank you
Edited by Aarcam, 06 December 2015 - 09:27 AM.