I have a network that has just been hit with Crypto locker or a variant of Crypto. It seens to have infected a single workstation but there are encrypted files on some of the Server shares as well. As a precaution we have shut down the server and the infected work station and most of the rest of the network as well.
1 - What is the best software that can remove the CryptoLocker software please?
2 - Do the encrypted files pose any threat to the system - can the infection spread from encrypted files on other machines that host shares that appear on the infected machine?
3 - Can the removal software be run on the infected machine or is it best to put the disc in a good machine and run the removal from there?
4 - Is there really any way to restore encrypted files? I fear I know the answer to this one already...