Unfortunately, pay the ransom, as much as it hurts, the $500.00 plus that they ask for is minimalistic to the hours you will put in to fixing the problem. And most likely wont be able to fully recover. If your client is worried about a credit card getting hacked, go to the grocery store and buy one or those onetime cards for the amount of what that the cryptowall ransom is saying will make thing right. I speak from experience hear, I have flipped both ways, and biting the bullet and educating the crew that introduced the virus to start is the better of two paths. I wish I could provide a better solution, but have seen this hit way to many unsuspecting companies.