

If you have IT support contact them and ask them to carry out the scan to check your PC is clean.

If any warnings pop up in your anti-virus program complete a full scan immediately and remove any infections. Any data you have is vulnerable unless it is backed up.ģ. Although System Protection allows you to revert to previous versions of your data files nothing can substitute an offline backup so ensure you have adequate backup procedures in place, whether on your server or your local PC. Ensure Windows System Protection is configured and running to allow your system to be restored to a previous state before the problems occurred and allow you to restore previous versions of your data.Ģ. There are various things you can do to aid recovery from not only the CrytpoLocker infection but other infections, operating system problems and general data loss:ġ. If you have been infected or just want someone to check please contact TLP Technology and we will be happy to help. There are various methods posted on the internet for removing and recovering from the CryptoLocker virus which include using anti-virus and anti-malware programs, system restore and backups. This will pick up possible malware infections that your anti-virus software may miss. Perform periodic scans with anti-malware programs such as Malware Bytes Anti-Malware. Weekly scans are the best balance between security and functionality.Ĥ.

Ensure your anti-virus program is up to date and performing regular scans. Do not click links to websites in emails or other programs if you are unsure the link so from a trusted person or are not sure where the link will go.ģ. Do not open attachments in emails if you do not know the sender or are not sure the attachment is from a trusted source.Ģ. There are measures you can take to minimise the risk of infection which include:ġ. These can be in the form of emails containing infected attachments, websites that have been compromised, files downloaded from the internet from untrusted sources or through existing malware infections on your PC using botnets. The CryptoLocker virus, like any other Malware, uses vulnerabilities and security weaknesses to infect PCs.

A demand is then made for payment from the user for the private key so they can decrypt the data.Ī screenshot of PC infected with CryptoLocker The private key, that decrypts the data, is stored on a remote server accessed by the CryptoLocker virus from the infected PC. It is using public/private key encryption where it encrypts the users data using RSA-2048 encryption with a public key. CryptoLocker is a new Ransomware virus going around that is encrypting user documents and then demanding payment to decrypt these.
