
CryptoWall 3.0 Virus Alert!!

Started by Hawk, August 08, 2015, 06:31:50 PM

Hawk

I've just been hit by the Ransom Virus "CryptoWall 3.0"  >:( >:( >:( >:( >:( >:(

I wondered why my HDD was almost continually working. I thought it was Windows doing its catalogue indexing after I updated Windows!

This virus Encrypts all data on your HDD and then sends you a ransom note. The encrypted data is apparently irretrievable and I've just lost 3 weeks of all my hard work!!  They need to start finding these IDIOTS and string them up in public by their BALLS!!!!! >:( >:( >:( >:(

Now I've got to do a total fresh OS re-install.  ::) :( >:(

Back up your work guys!  ;)

Hawk.

HornetMaX

Rule #1: when you visit .. heemm ... "unsafe" websites, use Sandboxie (http://www.sandboxie.com/).

The ransomware will only encrypt the content of the sandbox (i.e. close to nothing and surely nothing important).

MaX.

JamoZ

In order for such a virus to do its work, you surely have to install or open something, right? In all my years of visiting obscure websites I've never been hit by anything more than an unwanted toolbar, startpage or some other form of light malware.

Tough luck Hawk :(

Napalm Nick

August 08, 2015, 07:21:12 PM #3 Last Edit: August 08, 2015, 07:25:29 PM by Napalm Nick
Damn shame Hawk  :( and I know this is too late but...

My top tip for backup is just to take a simple system image using Windows 7/8/10 system image backup onto an external drive at regular intervals. If the HDD fails or a virus wipes it, just load up the image with the OS recovery disk (that you create) and you are up and running in less than the time for a cup of tea.

No need for external programs, it's all built in already and it is simple. Another example is I just upgraded my SSD from 120 - 240Gb. Took an image, popped in the 240, loaded the image on it, boom, racing again.

Do it today, tomorrow will be too late - you know it's true.
"The post you are writing has been written at least ten times already in the last 15ish years. It's already been reported, suggested, discussed, ignored or archived (but mostly ignored). Why are you doing it again?"

HornetMaX

Quote from: JamoZ on August 08, 2015, 07:09:33 PM
In order for such a virus to do its work, you surely have to install or open something, right?
Not necessarily. There are so many vulnerabilities around (Flash, Java, the browsers, Adobe fonts, whatever) that it is becoming ridiculous ...

MaX.

Hawk

Quote from: HornetMaX on August 08, 2015, 09:08:57 PM
Quote from: JamoZ on August 08, 2015, 07:09:33 PM
In order for such a virus to do its work, you surely have to install or open something, right?
Not necessarily. There are so many vulnerabilities around (Flash, Java, the browsers, Adobe fonts, whatever) that it is becoming ridiculous ...

MaX.

All I did since getting back online was install a new version of Adobe Flash Player, the latest graphics card driver, and the latest WinTV V8 driver. I turned off my antivirus to get the WinTV driver to install properly, but thinking about it, I think maybe it was installing the Adobe Flash driver that did it, because I installed it from a pop-up notification and I've been hit by an irritating (but not harmful) virus before when installing from an apparently bogus Flash pop-up new driver notification.
First time I've been hit by a fatal system virus in all my computing years! Just would have to have been right now when I had a lot of work done without backing it up.  :(

Anyway.... A hard lesson learned and thanks for the comments and advice guys. Appreciated.  ;) 8)

Hawk.


Napalm Nick

Although the WinTV installation with AV disabled suggests this was the door to the virus, it wasn't, and sometimes this has to be done.

Modern crypto viruses in all their various forms are usually deployed by rogue Flash and Java installs. You got yours from this Flash pop-up, I am 99.999% sure.

Never update anything from a pop-up - ever, no matter how much it is appealing to your "that's handy and it's free" human nature.

Make sure you have the latest Flash from get.adobe.com and latest Java from Java.com, nowhere else - ever. In fact if you don't need Java get rid. Allow their auto check for new versions during install.

All software - from the manufacturers website only!

I am sorry for your loss :( It's not your fault. A PC is a tool and like other tools we shouldn't have to worry about being scammed when we use it. However, if anyone pays the fee to recover their data then they are part of the problem.

HornetMaX

Installing from a pop-up? You mean you don't have a pop-up blocker? Man, really ... :)

MaX.

Hawk

Absolutely agree with what you say there above Nick. I'm sure it was the Flash pop-up install that let the virus in too.

Actually I have Flash flagged to notify me of any updates, but usually I just close the pop-up and, as Nick says, go direct through the official websites, but this pop-up came at a busy time for me so I took the easy way out and just clicked for it to install (I'll never do that again). I should've known better for sure, because I've been stung in the past by the same scam but it only installed a non-fatal virus which was quickly dealt with.

@Max: Yes I do have the Windows pop-up blocker active (not the best pop-up blocker I know) which deals with most pop-ups, but then again I don't suffer from irritating pop-ups hardly at all so....  :P :)
Actually the flash player update pop-up did come up very often - too often for usual update periods for my liking. I think next time I update I will flag it to not notify me and just rely on myself to visit the official site and update whenever I see a new update there; after all, flash player updates are not vitally important to have the latest updates as soon as they are released so...

Thanks guys.  ;)


Hawk.

Napalm Nick

Just beware that you normally get a Java or Flash update to seal a hole that a hacker has found and compromised, rather than any performance update, these days (more true for Java than flash but...). How long you go without that hole sealed depends if you update at release or when you get round to it.  :)

HornetMaX

Quote from: Napalm Nick on August 10, 2015, 06:35:51 PM
Just beware that you normally get a Java or Flash update to seal a hole that a hacker has found and compromised, rather than any performance update, these days (more true for Java than flash but...). How long you go without that hole sealed depends if you update at release or when you get round to it.  :)
Actually between Java and Flash, Flash is probably the worst of the two.
Probably one of the visionary things that S. Jobs did/said: get rid of Flash asap.

MaX.

Hawk

Quote from: Napalm Nick on August 10, 2015, 06:35:51 PM
Just beware that you normally get a Java or Flash update to seal a hole that a hacker has found and compromised, rather than any performance update, these days (more true for Java than flash but...). How long you go without that hole sealed depends if you update at release or when you get round to it.  :)

Point noted Nick. Thanks mate.  ;)

Hawk

Hawk

August 10, 2015, 09:37:58 PM #12 Last Edit: August 10, 2015, 09:39:49 PM by Hawk UK
Quote from: HornetMaX on August 10, 2015, 08:15:44 PM
Quote from: Napalm Nick on August 10, 2015, 06:35:51 PM
Just beware that you normally get a Java or Flash update to seal a hole that a hacker has found and compromised, rather than any performance update, these days (more true for Java than flash but...). How long you go without that hole sealed depends if you update at release or when you get round to it.  :)
Actually between Java and Flash, Flash is probably the worst of the two.
Probably one of the visionary things that S. Jobs did/said: get rid of Flash asap.

MaX.

I couldn't agree with you more Max..... I HATE Flash, especially when it's being used for website builds and animated/movie flash advert-banners.... I hate flash with a passion! Websites should go back to being built purely with HTML and normal graphics, they used to work a lot better and respond faster too.

Hawk.
PS: Flash for movies or games is okay with me. Thought I'd just say that in a small defence of what flash should stick to with developers.  :P

Napalm Nick

But Flash saved the universe, we should always remember that.

HornetMaX

Quote from: Napalm Nick on August 10, 2015, 09:45:50 PM
But Flash saved the universe, we should always remember that.

Yeah, as the Queen used to say: Flash ... hahaaaaa ...

MaX.