Remove CryptoDefense
Removal instructions

Severity scale:  
CryptoDefense is also known as CryptoDefense virus | Type: Ransomware | Tags: Ukash

CryptoDefense (also known as HOW_DECRYPT.txt) is a very dangerous cyber infection, which belongs to ransomware category. The most important thing about this virus is that it can encrypt all your text files, videos, office documents and similar data. According to experts, CryptoDefense is still incapable to affect Macs but it can easily attack all Windows versions, such as Windows XP, Windows Vista,Windows 8, etc. Similarly to previous ransomwares, this variant displays a huge alert after taking over its target PC system. This warning claims that all files were encrypted by CryptoDefense Software and says that the victim needs to obtain the private key in order decrypt them. Of course, this service is not for free – scammers ask paying $500 in bitcoins. If you fail to pay, they promise that after 4 days the ransom will be doubled.

How can CryptoDefense infect my computer?

Unfortunately, there is still no method to decrypt files that were encrypted by CryptoDefense virus. Even restoring files via backup fails. That's why it's very important you to understand how to avoid this ransomware. The most important thing in this situation is to ignore all unfamiliar emails that typically report about nonexisting purchases, payments and similar things could make people click on the malicious link. Similarly to CTB LockerCryptorBit and CryptoLocker viruses, it may also enter you PC in a bundle with fake Flash and Java updates, so ignore all unexpected alerts offering downloading them for free. As soon as CryptoDefense virus enters the system, it encrypts data files and starts showing this notification:

All files including videos, photos and documents on your computer are encrypted by CryptoDefense Software.

Encryption was produced using a unique public key RSA-2048 generated for this computer. To decrypt files you need to obtain the private key.

The single copy of the private key, which will allow you to decrypt the files, located on a secret server on the Internet;
the server will destroy the key after a month. After that, nobody and never will be able to restore files.


CryptoDefense instructs people how they can pay the ransom and purchase a tool for decryption. For that, they need to visit specific site, enter their unique key and then reveal how much bitcoins they need to pay. As we have said, delaying this may increase the amount of ransom and instead of 500 dollars you may have to pay a 1000 dollars in bitcoins. 

How to remove CryptoDefense virus?

As we have already mentioned, users can't restore the connection to their files by using System Restore when infected with CryptoDefense virus. They can only prevent their infiltration by installing reliable anti-malware tools that will help them block malicious sites and fraudulent downloads. Our recommended applications are SpyHunter, STOPzilla or Malwarebytes Anti Malware. For bypassing system's block, you can try following these steps:

  1. Reboot you infected PC to 'Safe mode with command prompt' to disable virus (this should be working with all versions of this threat)
  2. Run Regedit
  3. Search for WinLogon Entries and write down all the files that are not explorer.exe or blank. Replace them with explorer.exe.
  4. Search the registry for these files you have written down and delete the registry keys referencing the files.
  5. Reboot and run a full system scan with updated anti-spyware.

However, if this works for you, it works just for unblocking computer..

We highly recommend thinking about the prevention of such infections. For that you can use previously mentioned programs. Besides, don't forget to think about the immunity of your files and backup. For that you can use USB external hard drives, CDs, DVDs, or simply rely on online backups, such as Google Drive, Dropbox, Flickr and other solutions.

Finally, read this post and know more details how to avoid Cryptolocker and other ransomware viruses:

Trying to avoid ransomware or make it useless? Here are some tips.

Automatic CryptoDefense removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove CryptoDefense you agree with our Privacy Policy and Agreement of Use.
remover for CryptoDefense
Compatible with OS X
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall CryptoDefense. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Do it now!
remover for CryptoDefense Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall CryptoDefense. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove CryptoDefense using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

We are testing STOPzilla's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
Defender Pro Ultimate
Virus Removal Phone Support
Help Line to remove CryptoDefense

CryptoDefense screenshot

CryptoDefense virus snapshot

CryptoDefense manual removal

Kill processes:
Delete files:

Removal guides in other languages

Information added: 05/25/15 04:05; information updated: 05/25/15 04:05

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Comments on CryptoDefense

When you put a insert thumbdrive into the Cryptodefense infected PC, a file "sex-video2" , which is supposed to contain a link to the video, is written onto the thumbdrive. If you delete it, the malware writes the file again later. This must be how it infects other computers if you insert into other computers and click on it

Post a comment

Attention: Use this form only if you have additional information about CryptoDefense parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Recent Malware
Read on mobile
Press Mentions
I failed to remove CryptoDefense using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!