How to Deal with the Ransomware Called CryptoLocker [1]

One of the worst threats from malware infections these days is “ransomware” (described in a previous tip [3] ) and something called CryptoLocker is one of the most prevalent examples of ransomware. Everyone should be on guard against this pernicious malware. A valuable resource for dealing with CryptoLocker is the extensive guide put together by BleepingComputer at this link [4].

Here is the Table of Contents:

The purpose of this guide
What is CryptoLocker
Known file paths and registry keys used by CryptoLocker
What should you do when you discover your computer is infected with CryptoLocker?
Is it possible to decrypt files encrypted by CryptoLocker?
Will paying the ransom actually decrypt your files?
How do you become infected with CryptoLocker
Known Bitcoin Payment addresses for CryptoLocker
CryptoLocker and Network Shares
What to do if your anti-virus software deleted the infection files and you want to pay the ransom!
How to increase the time you have to pay the ransom
Messages from the ransomware author and information about the CryptoLocker Decryption Service
How to restore files encrypted by CryptoLocker using Shadow Volume Copies
How to restore files that have been encrypted on DropBox folders
How to find files that have been encrypted by CryptoLocker
How to determine which computer is infected with CryptoLocker on a network
How to prevent your computer from becoming infected by CryptoLocker
How to allow specific applications to run when using Software Restriction Policies
How to be notified by email when a Software Restriction Policy is triggered
CryptoLocker 2.0: New version or Copycat?
CryptoLocker Timeline

Please note that BleepingComputer makes the following comment:

“There is a lot of incorrect and dangerous information floating around about CryptoLocker. As BleepingComputer.com was one of the first support sites to try helping users who are infected with this infection, I thought it would be better to post all the known information about this infection in one place. This guide, or Frequently Asked Questions, will unfortunately not help you decrypt your files as there is no way to do so. Instead, this FAQ will give you all the information you need to understand the infection and possibly restore your files via other methods.

In many ways this guide feels like a support topic on how to pay the ransom, which sickens me. Unfortunately, this infection is devious and many people have no choice but to pay the ransom in order to get their files back. I apologize in advance if this is seen as helping the developers, when in fact my goal is to help the infected users with whatever they decide to do.”

Get your own favorite tip published! Know a neat tech tip or trick? Then why not have it published here and receive full credit? Click here to tell us your tip. [5]

This tips section is maintained by Vic Laurie [6]. Vic runs several websites with Windows how-to's, guides, and tutorials, including a site for learning about Windows and the Internet [7] and another with Windows 7 tips [8].

Click here [9] for more items like this. Better still, get Tech Tips delivered via your RSS feeder [10] or alternatively, have the RSS feed sent as email [11] direct to your in-box.

Please rate this article: