Title: CryptoDefense
Type: Ransomware
Also known as: CryptoDefense virus

Remove CryptoDefense
Removal instructions

 
Severity scale:CryptoDefense severity is 100  (100 / 100)
 

CryptoDefense (also known as HOW_DECRYPT.txt) is a very dangerous cyber infection, which belongs to ransomware category. The most important thing about this virus is that it can encrypt all your text files, videos, office documents and similar data. According to experts, CryptoDefense is still incapable to affect Macs but it can easily attack all Windows versions, such as Windows XP, Windows Vista,Windows 8, etc. Similarly to previous ransomwares, this variant displays a huge alert after taking over its target PC system. This warning claims that all files were encrypted by CryptoDefense Software and says that the victim needs to obtain the private key in order decrypt them. Of course, this service is not for free – scammers ask paying $500 in bitcoins. If you fail to pay, they promise that after 4 days the ransom will be doubled.

How can CryptoDefense infect my computer?

Unfortunately, there is still no method to decrypt files that were encrypted by CryptoDefense virus. Even restoring files via backup fails. That's why it's very important you to understand how to avoid this ransomware. The most important thing in this situation is to ignore all unfamiliar emails that typically report about nonexisting purchases, payments and similar things could make people click on the malicious link. Similarly to CryptorBit and CryptoLicker viruses, it may also enter you PC in a bundle with fake Flash and Java updates, so ignore all unexpected alerts offering downloading them for free. As soon as CryptoDefense virus enters the system, it encrypts data files and starts showing this notification:

All files including videos, photos and documents on your computer are encrypted by CryptoDefense Software.

Encryption was produced using a unique public key RSA-2048 generated for this computer. To decrypt files you need to obtain the private key.

The single copy of the private key, which will allow you to decrypt the files, located on a secret server on the Internet;
the server will destroy the key after a month. After that, nobody and never will be able to restore files.

(...)

CryptoDefense instructs people how they can pay the ransom and purchase a tool for decryption. For that, they need to visit specific site, enter their unique key and then reveal how much bitcoins they need to pay. As we have said, delaying this may increase the amount of ransom and instead of 500 dollars you may have to pay a 1000 dollars in bitcoins. 

How to remove CryptoDefense virus?

As we have already mentioned, users can't restore the connection to their files by using System Restore when infected with CryptoDefense virus. They can only prevent their infiltration by installing reliable anti-malware tools that will help them block malicious sites and fraudulent downloads. Our recommended applications are SpyHunter, STOPzilla or Malwarebytes Anti Malware. For bypassing system's block, you can try following these steps:

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated anti-spyware.

However, if this works for you, it works just for unblocking computer..

We highly recommend thinking about the prevention of such infections. For that you can use previously mentioned programs. Besides, don't forget to think about the immunity of your files and backup. For that you can use USB external hard drives, CDs, DVDs, or simply rely on online backups, such as Google Drive, Dropbox, Flickr and other solutions.

Finally, read this post and know more details how to avoid Cryptolocker and other ransomware viruses:

Trying to avoid ransomware or make it useless? Here are some tips.



Automatic CryptoDefense removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove CryptoDefense you agree with our Privacy Policy and Agreement of Use.
SpyHunter is recommended remover to uninstall CryptoDefense. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

If you failed to remove CryptoDefense using SpyHunter, submit question to our support team and provide as much details as possible.
dot
STOPzilla
download
manual required
We are testing STOPzilla's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
dot
Malwarebytes Anti Malware
download
manual required
We are testing Malwarebytes Anti Malware's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
dot
XoftSpySE Anti Spyware
download
manual required
We are testing XoftSpySE Anti Spyware's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
dot
Defender Pro Ultimate
download
manual required
We are testing Defender Pro Ultimate's efficiency at removing CryptoDefense (2014-03-20 04:17:13)

what to do if you failed to remove the infection?
Virus Removal
Phone Support
Help Line to remove CryptoDefense
CryptoDefense snapshot:

CryptoDefense manual removal:

Kill processes:
[random].exe
Delete files:
[random].exe

QR code for CryptoDefense removal instructions:

CryptoDefense qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like CryptoDefense are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall CryptoDefense right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2014-03-20 04:18:59
Information updated: 2014-03-20 04:18:59

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

0
0
YTK
When you put a insert thumbdrive into the Cryptodefense infected PC, a file "sex-video2" , which is supposed to contain a link to the video, is written onto the thumbdrive. If you delete it, the malware writes the file again later. This must be how it infects other computers if you insert into other computers and click on it

Post Comment:

Attention: Use this form only if you have additional information about CryptoDefense parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter please unsubscribe here
48602 Subscribers
Ask us
I failed to remove CryptoDefense using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!
add text box
rss feed
help other