Home computer XP connected to home network now infected with CryptoWall 3.0
Unsure if CryptoWall 3.0 finished its job 100 % because I have taken the following steps before I discovered what I had.
Unknowingly suspected something was wrong when computer was slow, saw in task manager two programs running hogging cpu, eg. 2I.tmp and 3o.tmp and later 6o.tmp, which I cancelled from the task manager.
found the following entries in the windows startup, which I removed
Then disconnected computer from home network and internet, and restarted in safe mode.
have the following entries now in windows startup
- HELP_DECRYPT.HTML, etc
Did start to delete the HELP_DECRYPT files, before discovering what I had.
Also deleted the f2fd65c7.exe file and other foreign random name folders and *.exe in the same folder, before discovering what I had.
Here are my questions :
Should I reinstate what I have deleted ?
Any backups I had were on the external hard drive which also seems to be encrypted.
I understand from research that the only solution is to pay the ransom, but is this solution 100 % reliable ?
Should this malware be removed before or after paying the ransom ?
Is there software than can list all my infected files ? ie. am I 100 % infected since I deleted the above programs ?
Now that I am in Safe Mode has the malware stopped running.
Can an Apple laptop be infected if connected to the network ?
Can Android phones using the home wife be infected ?
Apart from backups, what future steps can be taken to avoid this ransomware installing itself again ?
Appreciate your advice