You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!

*

rikstaparr

  • *
  • 1
  • +0/-0
      • View Profile
New Cryptowall 2016 - RSA-0496 - How to remove please?
« on: March 04, 2016, 07:48:57 pm »
Hi

First post here, hoping someone can help. I have a Win 7 laptop infected with a form of Cryptowall Ransomware. I have tried a few removal programs such as SpyHunter but none detect it. All .JPG files encrypted. I know there are loads of stuff out there about this, but this version seems to differ. Attached is a shot of the files located in the root of all the users folders. If anyone can recommend some software to remove this it would be appreciated. Thanks in advance.

Rik
« Last Edit: May 25, 2018, 04:14:04 pm by sensadmin »

*

Execute

  • *****
  • 388
  • +55/-0
  • Your friendly neighbourhood IT guy
      • View Profile
Re: New Cryptowall 2016 - RSA-0496 - How to remove please?
« Reply #1 on: March 07, 2016, 10:48:07 am »
@rikstaparr,
unfortunately this fairly new variant of CryptoWall uses a lot of different Trojan horse viruses to spread its payload.
So removal programs have to detect each newly generated Trojan horse to put it in their database.

Keep on scanning with the removal tools you have and update them frequently.
They should have the Trojan horse in their definitions already.
Or if not - try sending them a sample if they have such an option in the settings menu.

For now there is no known decryption.

But you can read more about it in this article and check it for updates:
http://sensorstechforum.com/remove-cryptowall-variant-rsa-4096-and-restore-jpg-encrypted-files/

Best Regards,
Execute