To my knowledge, there arent any working decryptors.
There have been a few private keys leaked - but I have never heard any of these to be working. If they were, it wouldn't take long for the developers to change the keys, recompile and send the software out again.
You may get lucky with some of the leaked keys IF they are genuine and IF your friends computer is infected with an older version of the virus that uses those keys. The likelyhood is very slim though I'm afraid.
Sorry to be the bearer of bad news.
Your best bet is to rescue what you can (safe mode, boot pen etc to copy whatever is uninfected off the machine) and then do a complete wipe of the machine.
I know some people say there are articles which help you free the machine of the virus (ditching all infected data in the process) - but once a machine is infected - you can never be 100% certain that you've removed all trace of the infection without a full wipe.
I would try to get the point across not to pay them. There is always a chance you can't get the files decrypted, and if he pays, it's more incentive for them to continue doing it. People need these hard truths to see they need to backup their files, and stop paying the bad guys to make more encryption viruses. Just explain good backup methods to your customer. – dakre18 – 2015-12-21T14:17:31.950
1You do understand there are multiple variations of CryptoWall itself right? Some have decryptor tools, most do not, there is not a single variation of Cryptowall. – Ramhound – 2015-12-21T17:25:01.333