A customer handed me a computer that was infected with Cryptowall 2.0,
with this message:
I cleaned the computer of the virus portion of the problem, but unfortunately, as many sites explaining this issue say:
Of the several guides on the Net, the best one in my opinion is this one: http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information
I was hoping it would be Cryptolocker, as it can be recovered. Brian Krebs has the link, https://decryptcryptolocker.com/, a site by FireEye and Fox-IT which recovers the files encrypted by Cryptolocker.
Both of these malware/viruses belong to a class called “ransomware”: they encrypt your files and then expect you to pay a sum of money (like $500) to recover them.
Unfortunately for the person who handed me the computer, his anti-malware software was AVG 2011. It did register the offending software but did not stop it.
Please do the due diligence and update your anti-malware software.
Even though Symantec says over 50% of all viruses will not be caught by your AV software, it is still important to get every percentage point of coverage that the latest software offers.
Do not just update definition files; make sure the whole software is updated.
As mentioned in a previous post (10/14), I use Malwarebytes.
So, as in the headline, your choice is simple: either you update your antivirus (AV) and anti-malware software, or eventually you get infected. (You may get infected even with AV tools.)
On the off-chance that this disastrous event actually happened to you – I am always trying to find ways to help people, so a potential file recovery solution may be Kroll Ontrack data recovery services. I have not actually contacted them, but they profess to have recovered files from viruses. Contact me to let me know your experiences.