cryptolocker

This virus has spread through my clients network and all workstations and servers are infected. It has encrypted all pdf, mdb, word, and other documents on all systems. Will these removal tools you suggest restore their files?

Thanks!

My client has evidently been able to remove the virus but files on their shared network drives are still encrypted.  They have run malwarebytes and combofix, but not superantispyware. They are going to try it now. They are going to copy one of the infected files from a network drive to a disconnected workstation, run the scans and hope it works.

Thanks again!

They are working with their IT firm to do a restore. Evidently, though, their IT firm is having difficulties and not returning calls. They received a message on their workstation telling them to pay a certain fee by the end of this week. If they pay the fee, a key to fix their files will be sent to them, otherwise the encryption is permanent. This is unbelievable!

Try this
http://malwarefixes.com/remove-cryptolocker-virus/

I will call this morning to find out the randsom amount and more details on how was received.

I called my client and they informed me that they did not actually receive a ransom amount. They also mentioned that they had two active viruses. The first virus made it appear that all files were undetectable on the hard drives. They fixed that virus and then the cryptolocker established itself. They don't know if the two viruses are connected.

Excellent responses, thank you so much!

A real preventative solution is posted here:

http://www.experts-exchange.com/Security/Vulnerabilities/Q_28233648.html#a39474622