How to recover from the CryptoLocker virus

scrambledThe CryptoLocker virus encrypts all your personal files and throws away the key.  Unless you pay a hefty ransom, your files will be lost forever.

This type of virus is known as “ransom-ware” and it spreads via email attachments.

The most unusual thing about this virus is that if you pay the ransom, the creeps will actually return the key. All your files will return to normal.

This tactic is beneficial to them because they can condition people to pay the ransom. Paying the ransom is a bad idea of course. Who knows when they’ll strike again asking for more money?

The best thing to do is to prevent an infection.

It goes without saying but you should have adequate protection. Free virus protection rarely prevents these type of infections. (I will discuss an Internet Protection Plan in a different article.)

Do not open any attachments from anyone you do not trust. Especially if you were not expecting it. When in doubt, check with your friend or relative who sent you the attachment before you open it.

If you do become infected, removing the infection is somewhat easy. However your files will be scrambled beyond recognition and without recourse.

Recovering from CryptoLocker is as simple as having a good backup plan.

Here’s the recovery plan in a nut-shell

1) Create a backup of all your personal files to an external drive.
2) Remove your external drive from your computer and put it somewhere safe.
3) If you become a victim of CryptoLocker, remove the infection.
4) Reconnect your drive and copy all your good and unencrypted files to your computer.

That’s it.  No sweat!

The Backup Plan:

There are many backup systems out there. This tutorial is not intended to educate you on how to use a specific software package to safeguard your files. Instead, I will give you general wisdom you can use with any backup system.

1) Make redundant backups

Save your files in multiple locations such as in an external hard drive or flash drive.Put them in a CD or DVD or optional online backup service.

2) Make your backups often

Schedule your backup system to save your  documents (pictures, Word, Excel, etc.) regularly. I recommend three different times: daily, weekly, and monthly.

3) Save your backups OFF-line.

Have a system to rotate your backup media so that a copy of your digital life is NOT connected in any way to your computer.

How does this work?

I believe in having multiple iterations of my files in case I need to go back to an earlier version. That is why you should have multiple copies.  Putting them in separate devices minimizes the risk of loss.  If one drive fails, you have the other.

Scheduling the backup works to your advantage.  You don’t have to remember to make the copies.  The system will do it for you.  If you have the three schedules (daily, weekly, and monthly) you will ensure you have at least three copies of your files at all times.

One thing you do have to remember is to exchange your drives periodically.  I say once a week is fine. Leave an external drive connected to your computer for a week at a time. Remove it and replace it with another each Monday, or Friday, or whenever is convenient. Just do it regularly.

What happens is this.  The schedule saves your files and updates them each day.  Your weekly and monthly backups keep them unchanged in case you need to recover any of your files.  Removing them from your computer takes them OFF-line. This helps keep your files intact when a virus attacks.

Parting words

Having a redundant backup plan will save you time and money.  A backup can save your hard work and precious memories. It can also save you headaches, heartache, and grief. In short, it can save your life.

Now, I want to ask you for a favor.  Do you know someone who might benefit from this information? Please send them a link to this article and encourage them to read it.

Also, leave me a comment below and let me know how you backup your computer. If you don’t, why not?

8 Replies to “How to recover from the CryptoLocker virus”

  1. Hi Juan, great article. The Toshiba external drive you set up for me backs up daily. Do you think I should unplug it and only have it plugged in about once a week at the back up time for an update?
    That way my exposure would only be for the few minutes it takes to update the Toshiba.

    thanks, Beverly

  2. Yes you may send me your newsletter. As for back-up, my daily work is done on my iPad. V2. It is my understanding that there as of yet no virus type code been written to attack an “Apple” product.

    My “IBM” system is still on my lap top but it is rarely used. My “gal-friend”s son will use it on occasion when he comes over with her but to only chat with his girl-friend and nothing else. So i have just only been backing up with my “thumb-nails”, it seem the best for my situation. I also use four “thumb-nails” in rotation.
    Does this answer your question? If not let me know.
    I also want to thank you for your prompt service and caring attitude.

    Larry

    1. Yea, Larry. I would count your thumb-drives as backup devices.

      You can use those for small backups where all your personal files fit in one of those. They make very large thumb-drives nowadays.

      Apple products are somewhat safer in that regard. We can discuss that in a different article.

      The main idea here is to “have” good backups. In case of a disaster (specifically “that” virus)

    1. Kathy, any backups are great. This is a new virus that attacks ANY personal files that are accessible to the computer at the time it attacks.

      Having an external backup, will help by severing the connection from the computer. If the computer is compromised by this virus, it will not have access to the files that are “not” in the computer.

      That’s why it makes sense to remove the hard drive or redundant device from the computer once you make the backup.

      I know I am being “redundant” here.

Leave a comment or question