CryptoDefense. How to remove? (Uninstall guide)

CryptoDefense is also known as CryptoDefense virus | Type: Ransomware | Tags: Ukash
Severity scale:  
  (100/100)

CryptoDefense (also known as HOW_DECRYPT.txt) is a very dangerous cyber infection, which belongs to ransomware category. The most important thing about this virus is that it can encrypt all your text files, videos, office documents and similar data. According to experts, CryptoDefense is still incapable to affect Macs but it can easily attack all Windows versions, such as Windows XP, Windows Vista,Windows 8, etc. Similarly to previous ransomwares, this variant displays a huge alert after taking over its target PC system. This warning claims that all files were encrypted by CryptoDefense Software and says that the victim needs to obtain the private key in order decrypt them. Of course, this service is not for free – scammers ask paying $500 in bitcoins. If you fail to pay, they promise that after 4 days the ransom will be doubled.

How can CryptoDefense infect my computer?

Unfortunately, there is still no method to decrypt files that were encrypted by CryptoDefense virus. Even restoring files via backup fails. That's why it's very important you to understand how to avoid this ransomware. The most important thing in this situation is to ignore all unfamiliar emails that typically report about nonexisting purchases, payments and similar things could make people click on the malicious link. Similarly to CTB LockerCryptorBit and CryptoLocker viruses, it may also enter you PC in a bundle with fake Flash and Java updates, so ignore all unexpected alerts offering downloading them for free. As soon as CryptoDefense virus enters the system, it encrypts data files and starts showing this notification:

All files including videos, photos and documents on your computer are encrypted by CryptoDefense Software.

Encryption was produced using a unique public key RSA-2048 generated for this computer. To decrypt files you need to obtain the private key.

The single copy of the private key, which will allow you to decrypt the files, located on a secret server on the Internet;
the server will destroy the key after a month. After that, nobody and never will be able to restore files.

(...)

CryptoDefense instructs people how they can pay the ransom and purchase a tool for decryption. For that, they need to visit specific site, enter their unique key and then reveal how much bitcoins they need to pay. As we have said, delaying this may increase the amount of ransom and instead of 500 dollars you may have to pay a 1000 dollars in bitcoins. 

CryptoDefense

How to remove CryptoDefense virus?

 

If you need to remove CryptoDefense from your computer, we highly recommend using a guide below. Also, you should start thinking about the prevention of such infections. For that you can use previously mentioned programs. Besides, don't forget to think about the immunity of your files and backup. For that you can use USB external hard drives, CDs, DVDs, or simply rely on online backups, such as Google Drive, Dropbox, Flickr and other solutions.

Finally, read this post and know more details how to avoid Cryptolocker and other ransomware viruses:

Trying to avoid ransomware or make it useless? Here are some tips.

Automatic CryptoDefense removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove CryptoDefense you agree with our Privacy Policy and Agreement of Use.
Download
remover for CryptoDefense
Compatible with OS X
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall CryptoDefense. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Do it now!
Download
remover for CryptoDefense Happiness
Guarantee
Compatible with Microsoft
SpyHunter is recommended remover to uninstall CryptoDefense. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove CryptoDefense using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.
Alternate Software
STOPzilla
We are testing STOPzilla's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing CryptoDefense (2014-03-20 04:17:13)
Zemana Antimalware
Virus Removal Phone Support
1-877-657-9614
Help Line to remove CryptoDefense
CryptoDefense screenshot
CryptoDefense virus snapshot

CryptoDefense manual removal

Kill processes:
[random].exe
Delete files:
[random].exe

Manual CryptoDefense Removal Guide

Quick menu:

Method 1. Remove CryptoDefense using Safe Mode with Networking

Step 1: Reboot your computer to Safe Mode with Networking

Step 2
Windows 7 / Vista / XP
  • Click Start Shutdown Restart OK.
  • When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
  • Select Safe Mode with Networking from the list
Select 'Safe Mode with Networking'
Windows 10 / Windows 8
  • Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
  • Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
  • Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window.
Select 'Enable Safe Mode with Networking'

Step 2: Remove CryptoDefense

Step 3

Log in to your infected account and start the browser. Download SpyHunter or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete CryptoDefense removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Method 2. Remove CryptoDefense using System Restore

Step 1: Reboot your computer to Safe Mode with Command Prompt

Step 2
Windows 7 / Vista / XP
  • Click Start Shutdown Restart OK.
  • When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
  • Select Command Prompt from the list
Select 'Safe Mode with Command Prompt'
Windows 10 / Windows 8
  • Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
  • Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
  • Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window.
Select 'Enable Safe Mode with Command Prompt'

Step 2: Restore your system files and settings

Step 3
  • Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
  • Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
  • When a new window shows up, click Next and select your restore point that is prior the infiltration of CryptoDefense. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
  • Now click Yes to start system restore. Click 'Yes' and start system restore

Step 3: Complete CryptoDefense removal

After restoring your system, you should remove all malicious files that belong to CryptoDefense because they are still on your computer. For that, download SpyHunter and scan your PC.

If you have individual files to decrypt, now it’s time to use Windows Previous Versions feature. For that, select a file, right click on it and select Properties. Now go to Previous Versions tab and look for a restore point of your file. Select it if it’s there and click Restore. Beware! This method is effective only after enabling the System Restore function. Besides, if your ransomware is designed to remove Shadow Volume Copies of the files, it may fail to work for you. In this case, try Photorec or R-studio..

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from CryptoDefense and other ransomwares, use a reputable anti-spyware, such as SpyHunter, STOPzilla or Malwarebytes Anti Malware

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Removal guides in other languages


Information added: 08/07/15 03:45; information updated: 08/07/15 03:45

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Comments on CryptoDefense

0
0
YTK
When you put a insert thumbdrive into the Cryptodefense infected PC, a file "sex-video2" , which is supposed to contain a link to the video, is written onto the thumbdrive. If you delete it, the malware writes the file again later. This must be how it infects other computers if you insert into other computers and click on it

Post a comment

Attention: Use this form only if you have additional information about CryptoDefense parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)
Like us on Facebook
News
Recent Malware
Read on mobile
Press Mentions
I failed to remove CryptoDefense using SpyHunter.

Email


Close
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!