One of the most widespread pieces of malware making the rounds these days is an updated version of a payload that first appeared quite a few years ago. This malware, known as CryptoLocker, is a form of "ransomware," a program that holds the user's data files hostage until that user pays to have those files released. I wrote about this type of malware in my book, Bug-Free Computing: Stop Viruses, Squash Worms, and Smash Trojan Horses, original Copyright 2005. But CryptoLocker is a much more sophisticated variant of this attack.
All of the major anti-virus software vendors are aware of CryptoLocker, and many have written about it. There has also been a lot of misinformation and bad advice on the subject from various sources, even some that would normally be considered reputable. Rather than attempt to reinvent this wheel here, I will offer my general observations and recommendations, followed by a link to a blog post that I believe does an excellent job of presenting the facts about CryptoLocker.