I am still seeing a lot of people fall for Cryptolocker through clicking emails that will cause it to run through their computer and infect any drives that are attached.
Do not fall for the:
- Australia Post email
- Banking Emails
- Telstra Emails saying you will get a refund
- AGL Invoices
- Fictitious invoices and statements
I am also seeing people who are saying that they have had their computer cleared of Cryptolocker ( they do not get their files back btw ) by running an antivirus solution through it.
Let me emphasize :
If you have been infected with Cryptolocker it is the ” scorched earth policy “, your computer has to be wiped back to factory settings and all drives on that machine have to be wiped , you then need to reinstall from a known good copy of Windows. You can then put your programs back.
An antivirus solution can leave remnants behind.
If you do not have a backup of your data ( you really should ) and decide to pay the ransom , there is no guarantee that you will get the decryption key back to get access to your files.
If you do get it back and get access to your files , your computer still has to be wiped after you have moved your files and are assured there are no remnants of encrypted files left in these files.
In some cases you maybe able to recover the files , more information can be found on this site.