I have been struck by the WRUI Ransomware Virus. Most of my documents and photos are backed up, but my videos and extensive music collection is encrypted. Apparently here is no solution yet to decrypt these files without the (online) key.
In the meanwhile my PC is running OK now after an offline cleanup with a Comodo boot disc and several on-line scans. BUT, after merging them with the registry, the following registry keys (see https://www.tenforums.com/tutorials/57567-restore-default-services-windows-10-a.html) get removed after reboot:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sense
What is causing this?
Thanks
PS (Comodo and MalwareBytes and Windows Defender are running on my PC)
In the meanwhile my PC is running OK now after an offline cleanup with a Comodo boot disc and several on-line scans. BUT, after merging them with the registry, the following registry keys (see https://www.tenforums.com/tutorials/57567-restore-default-services-windows-10-a.html) get removed after reboot:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sense
What is causing this?
Thanks
PS (Comodo and MalwareBytes and Windows Defender are running on my PC)