Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Windows 7 Restore Points

  • Please log in to reply
3 replies to this topic

#1 TechWannaB


  • Members
  • 1 posts
  • Gender:Male
  • Local time:02:15 AM

Posted 18 September 2014 - 01:30 PM

I have a really bad problem.  I got the CryptoWall virus/Ransomware.  I will not pay the ransom, but I did download and install R-Studio.  I learned of this application while researching about CryptoWall.  I have recovered a-lot of restore points and want to copy them to the Proper directory "System Volume Information" and sub directories.  However, I can't seem to recognize them after putting them there.  Please help as I am not to knowledgeable and in over my head here. 


thanks in advance for any advice.

Edited by hamluis, 18 September 2014 - 02:35 PM.
Moved from Win 7 to Gen Security - Hamluis.

BC AdBot (Login to Remove)


#2 dc3


    Bleeping Treehugger

  • Members
  • 30,756 posts
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:15 AM

Posted 18 September 2014 - 01:52 PM

You should open a topic in the Virus, Trojan, Spyware, and Malware Removal Logs forum.
Before posting your topic there you will need to read and follow the instructions in the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help.
This forum is always busy, for this reason it may take a couple of days before a member of the Malware Removal Team will be able to get to your topic.  Do not add anything once you have posted your log.  The Malware Removal Team members look for topics which have not been addressed, if you post any additional information it will make it appear that the topic is being addressed.
After you have posted your new topic a Moderator will close this topic.  

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.





#3 rp88


  • Members
  • 3,067 posts
  • Gender:Not Telling
  • Local time:08:15 AM

Posted 18 September 2014 - 03:59 PM

NEVER pay a ransom to a scumbag, it only makes them come back for more. The problem is that unlike a country refusing to pay a ransom you don't have an equivalent of special forces that you can send in to exact justice upon the people handing out that horrific virus, maybe there should be some kind of open source hunting and punishing of the creators of ransomware. If it is out of police jurisdictions perhaps the people should take the fight to the criminals. There would be a lot less viruses of an angry mob of their neighbours came round to the house of malware creators and gave them a piece or two of many thousands of angry minds.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#4 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,932 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:15 AM

Posted 18 September 2014 - 04:32 PM

A repository of all current knowledge regarding CryptoWall is provided by Grinler (aka Lawrence Abrams), in this tutorial: CryptoWall and DECRYPT_INSTRUCTION Ransomware Information Guide and FAQ

Reading that Guide will help you understand what CryptoDefense does and provide information for how to deal with it and possibly decrypt/recover your files. At this time there is no fix tool for CryptoWall.

There is also a lengthy ongoing discussion in this topic: CryptoWall - new variant of CryptoDefense. Rather than have everyone start individual topics, it would be best (and more manageable for staff) if you posted any questions, comments or requests for assistance in that topic discussion.
...from the above topic.

CryptoWall victims,

If you are thinking about paying the ransom, have decided to pay, or want to help test a few things for me, Please email me at Decryptorbit@outlook.com or PM me first.

There may be other options for you, or can receive assistance with the infection.

Nathan (DecrypterFixer), Security Colleague Post #273

The BC Staff
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users