I got hit by a cryptowall.
The computer hit by the cryptowall was my gaming PC so there was no data files to lose. What I want to know is the next thing: can the cryptowall virus move from the PC to external drives which had been connected to the infected PC? Or it merely encrypts all data files on any drive connected to the infected PC and that's it?
Basically, I want to know whether (and how) it can spread. Once I noticed I was hit by a cryptowall, I removed immediately any external device from the infected PC and installed a clean Windows + I have formatted all the other non-system drives (the PC had three internal drives)? Is that enough? I had an external HDD connected to it when the infection occurred; if any files on it got encrypted is irrelevant, but could the virus have moved on it as well or does it stay on the operating system it infected at the onset? The external HDDs had rar, iso and png files on it.
I couldn't care less about their ransom. What I want is to avoid spreading it to other systems and external device by ignorance, as I am not very familiar with how Cryptowall works.
Edited: After some reading through the forums, it seems the virus was Teslacrypt version 8, as the encrypted files had the .vvv extension. That should make the answers to my questions easier.
Feel free to move this post to the appropriate thread (I started a new thread because I did not know exactly what kind of ransomware it was).
Edited by DukeBob, 23 December 2015 - 07:51 PM.