CryptoPrevent is a tiny utility to lock down any Windows OS (XP, Vista, 7, 8, 8.1, and 10) to prevent infection by the Cryptolocker malware or ‘ransomware’, which encrypts personal files and then offers decryption for a paid ransom.

Incidentally, due to the way that CryptoPrevent works, it actually protects against a wide variety of malware, not just Cryptolocker!

For home users you can download the latest version of Crypto protect from the link below:

Click HERE to download the Current Version:  7.3.x  released Oct 12th 2014

NOTE:  The free edition does NOT automatically download definition updates. 

You can purchase the Premium version which will update these definitions daily if you like from https://www.foolishit.com/vb6-projects/cryptoprevent/ 

More information on how to install and protect yourself for home users can be found at this link https://www.foolishit.com/vb6-projects/cryptoprevent/ 

For larger business and corporate clients with Windows based servers and network shares, I would encourage you to contact ITS4BIZ immediately and we can assist you in upgrading your Domain Software Security Group Policies that can block this virus at a corporate level.

Be warned people, this virus is a real threat

Please alert your staff about the Cryptolocker Virus.

It has come to our attention that a particular style of virus infection known as Cryptolocker is raising in profile across the internet and throughout Australia, and we suggest that as a matter of urgency your staff are made aware of this threat. We have recently had several users infect their networks/servers with this virus, which has caused significant disruption to operations and/or loss of data.

We suggest advising your staff members who use email within your organization of this issue immediately.

How do you become infected with CryptoLocker?

The infection is typically spread through emails sent to company email addresses that pretend to be customer support related issues from Energy Australia, Australia Post, NAB, DHL, etc. These emails would contain a link to an invoice website or an attachment that when opened would infect the computer.

The email may also contain ZIP files and these zip files contain executables that are disguised as PDF files as they have a PDF icon and are typically named something like FORM_101513.exe or FORM_101513.pdf.exe. Since Microsoft does not show extensions by default, they look like normal PDF files and people unknowingly open them.

Do not open any emails that look suspicious, and especially do not open any attachments or click on any links to websites on emails you are unsure about.

If you are suspicious then do an online search for the subject line or some of the text in the email. If the email is a hoax or virus your search results will soon return websites confirming it.

If you are still unsure please send a request email to This email address is being protected from spambots. You need JavaScript enabled to view it. or call us on 1300 368 889.

(Never forward suspicious emails to anyone including Support as you may not only infect others but the email may never arrive if various email systems quarantine the forward).

Once activated, within minutes this virus will attack your documents and network shares and render all sorts of files unusable (Word, Excel, PDF, PowerPoint, Image Files …and more). If you don’t have a recent valid backup or Shadow Copy your data you say data good bye to your data unless you want to potentially pay the ransom to try and recover your data, which is flaunted with risk as well. 

ATTENTION! The current list of known CryptoLocker email subjects include: