
steve2470

(37,457 posts)
Sun May 1, 2016, 07:46 AM May 2016

Ransomware: normally I try not to post this kind of superduper ultra-geeky thing in GD but....

ransomware is a huge threat.

XPost from CHaS:


http://www.democraticunderground.com/109517121

CryptoWall ransomware removal instruction and ways to restore the encrypted files

http://pcfixhelp.net/viruses/2878-how-to-remove-cryptowall-virus-and-restore-encrypted-files

CryptoWall is malicious software that was developed by hackers to earn money in an illegal way. Actually, this software penetrates the user’s PC and encrypts all text and image files on it. After that, the user receives a message with a ransom demand. In general, the message says: “Give your money, or we will destroy the encrypted files.” This scheme isn’t 100% efficient, because some users just don’t store important files on unprotected computers. This business is really profitable for hackers, and they develop new versions of such programs every month. All ransomware with the “crypto-” prefix in its name is just another version of CryptoWall. If your PC was infected by one of these programs – we have good news for you. It’s curable, and you have a good chance to restore your data without paying a ransom.




How CryptoWall Virus works

CryptoWall, like any other ransomware, is very dangerous. But when it isn’t installed on your PC it’s no more than a usual virus, which can be stopped in the usual ways. It gets into your computer with emails, from free file-sharing services and other suspicious websites. Knowledge of the basic principles of internet security will help you to avoid all websites from which CryptoWall can get into your system. Any kind of anti-viral program will also be helpful to prevent the infection.
But if the virus is already in your system, and you received a message – then the work is done. All files are encrypted and you have to deal with it in some way. The message says that the files can’t be decrypted, and you have only one option: to pay a ransom (between 500 and 1000 dollars). These scammers lie, and you have not one, but three techniques that will help you to regain your data. But these techniques are not related to decryption. It’s actually impossible to decrypt such a cipher without a key, because the encryption algorithms used by CryptoWall (RSA-2048, RSA-4096 and AES-128) are perfect. You can possibly brute-force it, but it will take thousands of years for each file. But the techniques which we talked about are related to the hidden functions of your own PC. All these methods are described in the chapter “How to decrypt your files”.

How to remove CryptoWall Virus from the computer

The removal of this virus is very important, but it’s the simple part. And remember: once the virus is removed, you will lose the chance to restore the files by paying a ransom. So, remove it only if you have another chance to restore the data, or you are ready to lose the files completely. Some users think that removal is equal to decryption. It’s not true. The files will remain encrypted, but new files will be safe. The removal can be performed manually, or with the help of anti-viral software. The manual removal technique is described below this paragraph. If you prefer automatic removal – we advise you to use SpyHunter. This tool has more than 100K users around the world, and their PCs are reliably protected from CryptoWall and other similar threats. You will need to purchase this tool, download it and launch a full scan.

much more at link


Maeve

(42,282 posts)
1. Hubby is a computer tech and would agree
Sun May 1, 2016, 08:14 AM
May 2016

Backup important files to a stand-alone device on a regular basis. Altho most of these jerks are targeting businesses, anyone can be hit.

And you don't have to be careless to have it happen (altho carelessness increases the risk); our server was hit by a hacker's bot. It was set up to send out spam, which our software caught, but before that started, a ransomware bot hit thru the hacker's backdoor. Fortunately, there are no files kept on the server and the rest of our system was protected. Hubby was able to clear it and patch the backdoor, but only because he is a belt-and-suspenders type. He's had to clear computers for several clients, some of whom have lost data to this crap.

dembotoz

(16,804 posts)
4. seems that you are the biggest threat to your computer by doing something stupid
Mon May 2, 2016, 09:49 AM
May 2016

not flooding, not power surges, you

download the wrong thing
respond to the wrong email

disaster recovery is not just about water and fire anymore
