
After a brief hiatus malware developers release CryptoWall 3.0


272 replies to this topic

#16 untecked

untecked

  • Members
  • 7 posts

Posted 18 January 2015 - 12:27 PM

Got caught several times; lost over 40g of backup that was attached to the computer by USB. So, back up when offline and then disconnect all USB backup devices except when using them at the time.

Get CRYPTOPrevent for freeeee or pay a $15 forever fee with advanced protection! You can find it by search or on Foolibleep.com  Foolish IT

Have not been hit since 2013!! Forget your Windows Word, PDF files and all photo files - even if encrypted - only thing safe was Notepad. Txt files may not be so now.


Edited by untecked, 18 January 2015 - 12:31 PM.




#17 untecked

untecked

  • Members
  • 7 posts

Posted 18 January 2015 - 12:32 PM

Make that Foolish IT .com

 



#18 THEHGIHTECHSOL

THEHGIHTECHSOL

  • Members
  • 2 posts

Posted 18 January 2015 - 02:51 PM

For me all the rar files, document files, jpg files, everything encrypted. Using the ESET NOD tool to remove the malware. Any guesses when the decrypting tool would be in the market?



#19 alexdc22

alexdc22

  • Members
  • 5 posts

Posted 18 January 2015 - 05:18 PM

You're welcome :)  .

Man, thx.... sadly it didn't work for me :(



#20 daveydoom

daveydoom

  • Security Colleague
  • 146 posts
  • Gender:Male
  • Location:Ontario, Canada

Posted 18 January 2015 - 06:31 PM

D'oh!!  That's not good.   I was lucky.


"A computer beat me in chess, but it was no match when it came to kickboxing"
-Emo Philips

Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#21 RobertHD

RobertHD

  • Members
  • 348 posts
  • Gender:Male
  • Location:Somewhere in Oz

Posted 19 January 2015 - 03:23 AM

Would CryptoWall 2.0's decryptor work with 3.0, since this new one hasn't been changed a lot?


Robert James Crawley Klopp


#22 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 45,110 posts
  • Gender:Male
  • Location:USA

Posted 19 January 2015 - 05:53 PM

There is no decrypter for CryptoWall encrypted files unfortunately.

#23 THEHGIHTECHSOL

THEHGIHTECHSOL

  • Members
  • 2 posts

Posted 19 January 2015 - 09:50 PM

We are desperately waiting for the decryptor for CryptoWall 3.0.

Is it possible to decrypt the files encrypted by CryptoWall 3.0?



#24 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 45,110 posts
  • Gender:Male
  • Location:USA

Posted 20 January 2015 - 11:59 AM

No, not at this time.

#25 thinkabout

thinkabout

  • Members
  • 5 posts

Posted 20 January 2015 - 01:28 PM

CTB-Locker, if anyone got an update about how to decrypt the files. :killcomp: :killcomp:



#26 RobertHD

RobertHD

  • Members
  • 348 posts
  • Gender:Male
  • Location:Somewhere in Oz

Posted 20 January 2015 - 10:05 PM

Admin is right, there's no decryptor, and this ransomware is annoying, and I got infected by it on my iPod so that's down.


Robert James Crawley Klopp


#27 ericbondoc123

ericbondoc123

  • Members
  • 7 posts

Posted 20 January 2015 - 10:38 PM

Hi Everyone,

 

I would like to share what I have discovered and hopefully found a cure to decrypt all my encrypted files.

 

All my files were infected by this ransom or CryptoWall virus. There was a note in every folder infected. Please see below the message of the note in the text file.

 

-----------------

All your important files were crypted with two strong algoritms - RSA and AES
All files that have been cryped have name, starting with error_
We can sell you the program that will restore all your files.
If you want buy this program, you need send us your Unique Identificator on ert888@ruggedinbox.com
After that we will send you instructions of payment
Also you can attach one small file (less than 300 Kilobytes) and we will restore it.

If we didnt answer you during 1-2 days, it means that we didnt get your letter. So,
make your own e-mail account on www.ruggedinbox.com and send your letter again.

 

 

 

I just wrote an email and attached the encrypted files to ert888@ruggedinbox.com and received the response this morning together with the decrypted files which I sent. (.xls file)

 

---------------------

From: ert888@ruggedinbox.com [mailto:ert888@ruggedinbox.com]

Sent: Wednesday, 21 January 2015 9:07 AM

To: ejb

Subject: Re: 19683

 

Hello. Program costs 2 bitcoins (now 2 bitcoins = 400 usd)

 

You need send 2 bitcoins to address 1Jvv62ChWGj2DwLcGtCJtNtrfpCkfLrvEJ

 

 

 

You can use one of those sites to change your money to bitcoins:

 

www.btc-e.com

 

www.bitstamp.net

 

www.goldux.com

 

www.kraken.com

 

www.bitquick.co

 

You dont need install any bitcoin software. You need only use one one those bitcoin services or others (also you can look here other bitcoin services for your country - www.howtobuybitcoins.info) to send us bitcoins.

 

And we dont need your files. We only need some money.

 

 

 

I attached your decrypted file.

 

----------------

 

I managed to scan my computer and shadow copies are not present.

Please help if anybody out there has the solution to decrypt the files.

I have tried all the possible ways to decrypt but still no luck.

 

-pandaransomdecrypt

-anti cryptorbit

-https://www.decryptcryptolocker.com/

-http://support.kaspersky.com/viruses/disinfection

- kaspersky RannohDecryptor

-stinger32

 

 

Thank you.



#28 cptrosco

cptrosco

  • Members
  • 8 posts
  • Gender:Male
  • Location:Houston

Posted 20 January 2015 - 11:05 PM

Would CryptoWall 2.0's decryptor work with 3.0, since this new one hasn't been changed a lot?

 

 

It would work; however, that isn't your problem. Your problem is that each infection has 2 encryption keys (public and private). One of the keys is stored on your computer, the other is on their server. When you pay them and the payment has been confirmed, you will get a link on your payment screen called decrypt.zip. In there are 3 files: the decrypt file and the public and private key.

 

I am currently working on a way to decrypt the files without paying them. A good friend of mine programs in over 11 languages and we think we have figured out how they 'make' the keys. Maybe by version 23.0 we will have a solution :(



#29 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 45,110 posts
  • Gender:Male
  • Location:USA

Posted 21 January 2015 - 09:26 AM

Unless someone gets access to their C2 server and its keys, no one is going to be able to make a free decrypter. Brute forcing the keys is not realistic.

Regardless of what is said, there is no way to get your files back for free at this time other than through a backup.

That is the sad truth.

#30 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 45,110 posts
  • Gender:Male
  • Location:USA

Posted 21 January 2015 - 09:44 AM

All my files were infected by this ransom or CryptoWall virus. There was a note in every folder infected. Please see below the message of the note in the text file.
 
-----------------
All your important files were crypted with two strong algoritms - RSA and AES
All files that have been cryped have name, starting with error_
We can sell you the program that will restore all your files.
If you want buy this program, you need send us your Unique Identificator on ert888@ruggedinbox.com
After that we will send you instructions of payment
Also you can attach one small file (less than 300 Kilobytes) and we will restore it.

If we didnt answer you during 1-2 days, it means that we didnt get your letter. So,
make your own e-mail account on www.ruggedinbox.com and send your letter again.


This is not CryptoWall. Looks like something else. Can you send us a copy of this ransom note and one of the encrypted files so we can take a look to http://www.bleepingcomputer.com/submit-malware.php?channel=3

Do you know if you opened anything right before the files were encrypted? If so, do you still have that file?



