Remove CryptoLocker

Updated March 2024

Manually Remove CryptoLocker Notes

Reboot into safe mode

Run regedit

Go to HKCU ⁄ Software ⁄

You’ll notice it doesn’t hide here:

You can delete this two crypto entries

Once those are deleted scroll down to Microsoft

Continue to scroll down to Windows ⁄ Current Version

Scroll down to where it says run – you can see the virus listed here. You can delete it.

It will also be listed under run once – delete that as well

Close regedit – now we want to go to show hidden folders and drives

Check Show Hidden files. folders and drives

Uncheck Hide extensions for know files types

Uncheck protected operating system files

In the directory shown below delete these two files

You can also delete this file in the directory listed below. There might be an issue with the virus letting you delete it.

So we will delete it later.

Also check your temp directory as shown below for any other suspicious files

Reboot back to your desktop

You can now go back and delete that file we couldn’t delete before

You can no go back and protect our system files