@ alan1998 Ouch! Your typing doesn't seem to suffer so much.
Um, Wireshark.. I don't know what that is but, I saw it mentioned on a very long Bleeping Computer thread about Cryptolocker. Someone suggested that approach, but I didn't see any definitive answer that it worked at all.
Anyway, the key, as always, is try to avoid being infected in the first place. I don't remember all the avenues, but PDF downloads aren't always what they purport to be (Save as dialogue should warn you, I would've thought) and the latest thing is via infected USB drives.
Sites that require you to install software to view video content, for example, is another, and fake alert sites.. - as well as the old email attachment trick.
A Limited (not Admistrator) User Account, apparently, offers some protection - because, Cryptolocker can only run "as Administrator".
Unhide known extensions so you can see if a 'doc' or 'pdf' is actually an .exe before you open it, is another suggestion. Nothing is 100% tho, so always keep a recent "cold storage" clean backup for insurance.
Yes, as you say, it is a discussion only. Any chance the Mods can move the thread?
@ essexboy
As I understand it, Cryptolocker is only as good as the latest update too.
Something called
HitmanPro.Alert with CryptoGuard [beta] looks promising - provided it kicks in before any encryption (which I'm not absolutely sure about).
Found it mentioned on
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information