Computer Services

Making I.T Work
Call Us: 0207 537 7080

How to Protect Yourself Against The Cryptolocker Virus

By Pratik Mevada

Before deciding how to stay safe from the threat, it is necessary to know about how the threat works.

CryptoLocker is a Trojan that runs on Microsoft Windows platform, which was first detected in 2013. It is a ransom Trojan, which enters the system through various sources. One of them is thorough an email ZIP attachment. The ZIP file has an EXE file with icon of a PDF file. Now, as we all know, Windows does not show the file extension. People who are professionals will definitely check the file's extension, but a person who is not so familiar with the computers will become an easy target.

Once the target double clicks on the file, the program installs itself in Documents and Settings folder of victim's windows machine. It changes its name to a random one, which makes it hard to find. It then contacts designated servers throughout the network and once connected it creates a secure encrypted data transfer pipeline. It then starts encrypting personal documents of the user. The file it attacks is: .DXF (AutoCAD), Microsoft office files, Open Document files, and pictures. Once the encryption is complete, it sends back the files to the server. Now, if the victim tries to open the file, it says "The file is encrypted" and asks for ransom (which is random, in US Dollars or EUROs), and threatens the victim to delete the file if he/she does not pay the ransom in 72 or 100 hours.

Now you know how the threat works and how it can enter your Microsoft Windows system.

The best way to stay safe from the CryptoLocker Trojan is to keep your computer protected by the Antivirus software and keeping that software up-to-date with the help of update patches. Do not open a suspicious random name file or an email. Scan all the USB data storages and data DVDs before using it. Configure Software Restriction Policy in your Microsoft Windows Machine, as when an executable file runs by itself, Windows can alert you, by the help of this alert you can prevent the infected file from running.

At last, keep a backup of your personal data and keep it separate from your computer, because, CryptoLocker can encrypt your backup as well. If you will keep your backup away from the network or computer, there will be less chances of your backup getting infected by CryptoLocker, and if your backup is safe, you can recover any lost file.

Article Source:



>> Find out how Ambient Computers can support your I.T systems; remotely, onsite or on an ad-hoc basis, including one-off repairs.


Our hosting solutions are geared towards making your website and email constantly available.


Ambient Computers are a partner of Sophos. Our technicians are trained in their range of products.