As someone else pointed out, most of these suggestions for removing a virus/malware do not apply to something like Cryptlocker. With that one, you have only three choices.
- Restore from your backup
- Pay the ransom.
- Live without your data
Again, as someone pointed out, if you back up to a NAS or another computer on the network, then your backups will be encrypted, too<mytubeelement data="{"bundle":{"label_delimitor":":","percentage":"%","smart_buffer":"Smart buffer","start_playing_when_buffered":"start playing when buffered","sound":"sound","desktop_notification":"desktop notification","continuation_on_next_line":"-","loop":"loop","only_notify":"only notify","estimated_time":"estimated time","global_preferences":"global preferences","no_notification_supported_on_your_browser":"no notification style supported on your browser version","video_buffered":"video buffered","buffered":"buffered","hyphen":"-","buffered_message":"the video has been buffered as requested and is ready to play.","not_supported":"not supported","on":"on","off":"off","click_to_enable_for_this_site":"click to enable for this site","desktop_notification_denied":"you have denied permission for desktop notification for this site","notification_status_delimitor":";","error":"error","adblock_interferance_message":"adblock (or similar extension) is known to interfere with smartvideo. please add this url to adblock whitelist.","calculating":"calculating","waiting":"waiting","will_start_buffering_when_initialized":"will start buffering when initialized","will_start_playing_when_initialized":"will start playing when initialized","completed":"completed","buffering_stalled":"buffering is stalled. will stop.","stopped":"stopped","hr":"hr","min":"min","sec":"sec","any_moment":"any moment","popup_donate_to":"donate to","extension_id":null},"prefs":{"desktopnotification":true,"soundnotification":true,"loglevel":0,"enable":true,"loop":false,"hidepopup":false,"autoplay":false,"autobuffer":true,"autoplayonbuffer":false,"autoplayonbufferpercentage":42,"autoplayonsmartbuffer":true,"quality":"default","fshd":true,"onlynotification":false,"enablefullscreen":true,"savebandwidth":false,"hideannotations":false,"turnoffpagedbuffering":true}}" event="preferencesUpdated" id="myTubeRelayElementToPage"></mytubeelement><mytubeelement data="{"loadBundle":true}" event="relayPrefs" id="myTubeRelayElementToTab"></mytubeelement>. Same with Dropbox, and I assume Google's and Microsoft's cloud drives. Those are visible to Explorer, so the ransomware will scramble those, too.
For my backups, in addition to a Time Machine-like program writing to a local NAS, (for convenience) I have a subscription with CrashPlan. They have competitors that work similarly. That gets my data off-site, and not connected in a way that the encrypter can get at it. And, CrashPlan saves multiple versions of every file, so I can always go back to a version prior to the encryption.
So, to answer your question, I would not pay. I would wipe the machine and restore from backup. In fact, I treat every virus infection that way. (Only ever happened to my personal machines twice. But, I fix friends' computers a few times a year.) I just can't bring myself to trust a machine that has been infected. They're just too tenacious at fighting against cleanup efforts. So, I treat a virus infection the same as I would a disk crash.
Drake Christensen