arkmat
asked on
A workstation in my workgroup has been hit with Cryptowall.
A workstation in my workgroup has been hit with Cryptowall, Files are encrypted and demanding ransom. I know that it is a lost cause. Format and reinstall scheduled, but the workstation has several mapped drives as do all of the workstations. How can I tell if the Crypto has spread to any other workstations or server and might be encrypting in the background or does it work that way?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Correction on my last comment. The link is actually to the download page for the utility. The artice about it that has the link is here: http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information
Ransomware: Prevention is the only solution
In your case, note especially section B. NETWORK SHARES. Good luck! Regards, Joe