system
I’m dealing with this ransomware for a client. I know that Avast already referenced this infection as Win32:Ransom-AQH [Trj]; however, the infection on his PC is fresh and somehow managed to bypass Avast guard. I’ve restored some of the files using Shadow Explorer. For now, it seems to be the only possible solution, so it saved the day! For those who have the same issue, I recommend reading these posts:
http://deletemalware.blogspot.com/2013/10/remove-cryptolocker-virus-and-restore.html
http://www.bleepingcomputer.com/forums/t/506924/cryptolocker-hijack-program/
And also a thread on Reddit: http://www.reddit.com/r/sysadmin/comments/1mizfx/proper_care_feeding_of_your_cryptolocker/