Jump to content

Cryptowall, dns problem

cistern_eve
 Share

Recommended Posts

  • Replies 59
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

cistern_eve

cistern_eve

Posted
  • Author
Posted

Dear Kevin,

 

Hopefully things are visible here. The ISP went out after I ran the update (unrelated) and I needed to leave, so I took a few pictures with my phone before I left. This is what happens after I ran windows update: post-167316-0-74334500-1406260104_thumb.

 

Error code is 80070663, the message is different than before the reboot: "some updates were not installed." When you "view update history," you see this:

 

post-167316-0-88761300-1406260149_thumb.

 

Before the reboot, it did not include the two entries, but was empty.

 

Thank you!

 

CE

Link to post
Share on other sites
cistern_eve

cistern_eve

Posted
  • Author
Posted

Dear Kevin,

 

This troubleshooter gives the following on completion:

 

Issues found
Service registration is missing or corrupt
Fixed
Reset service registration
Completed
Windows Update error 0x80070057(2014-07-25-T-09_46_30A)
Not Fixed
Resetting Windows Update data store
Completed
Problems installing recent updates
Fixed
Repair Windows Update
Completed
Problems installing recent updates
Fixed
Repair Windows Update
Completed

 

Running windows update results in the following error:

 

"Windows could not search for new updates"

Code 80072EE2

 

Thank you,

CE

 

 

Link to post
Share on other sites
cistern_eve

cistern_eve

Posted
  • Author
Posted

Dear Kevin,

I eventually took this issue to MS support. They determined after extensive testing that these updates do not apply to this computer and removed them from the update cue. All other updates install fine and windows update now responds with "windows is up to date"

Are there next steps you had in mind?

Do you have suggestions about file recovery programs? I have photorec ready to go. I tried ShadowExplorer, which does not pull up anything.

Thank you !

CE

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Unfortunately any data encrypted with the type of infection you had is not recoverable, the only known way is to decrypt with the key supplied if/when you pay the ransom. A good lesson to learn is to keep back ups to an external media source (such as external HD)

 

Run the following to clean up tools we have used etc....

 

Download "Delfix by Xplode" and save it to your desktop.

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 


    Activate UAC
    Remove disinfection tools
    Create registry backup
    Purge System Restore
    Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Part of the routine will be to create a registry back up with ERUNT,  the back up will be created here:

 

C:\Windows\ERUNT

 

When all is known to be well with your system you can delete that back up folder if you consider it as not needed...

 

Next,

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Kevin

Link to post
Share on other sites
  • 2 weeks later...
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.