NOTE TO ALL WINDOWS USERS:
If you’re e-mailing, be very careful what files you open. Cryptowalls are Super-Viruses, and they can ruin all the data on your computer.
Cryptowalls generally come in e-mails as .PDF/.EXE file attachments, asking you to open them for more information about a question posed in an e-mail.
Once you open these files, the malicious code sweeps your computer, encrypting all your files. The infected computer receives a notepad file warning of a $500 USD ransom that goes up to $1000 in seven days. The money must be sent in bitcoins and sent to the e-mail directed.
Once this happen you can’t properly access your files. Photos and Videos won’t open. Text documents are scrambled gibberish. The worst Cryptovirus takes hold of your entire computer.
At the moment, there’s little means of defeating these dangerous viruses besides using extreme caution while navigating the net:
- Only visit protected sites.
- Download programs from third party sites.
- Check the URL of sites. For instance, when banking make sure it’s Chase.com instead of Chase.co.
If you are infected with a Cryptowall, immediately run antivirus/malware programs and delete its notepad files that show up on your computer. The faster you nip the virus in the bud, the less chance it has to encrypt your files.
Unfortunately, even if you get rid of it without payment you can’t decrypt these scrambled files. Your only hope is to have a prior mirror image of your hard drive that you can restore your files with.
Applications such as Shadow Explorer help the process, allowing you to navigate specific folders and manually replace the encrypted files with the previous, accessible shadow files. Additionally, CryptoPrevent adds the software restriction policies to your computer that prevent the Cryptoviruses from showing up in the first place.