http://www.computerworld.com/s/article/ ... f_you_are_
When it finds a file matching that extension, it encrypts the file using a public key and then makes a record of the file in the Windows registry under HKEY_CURRENT_USER\Software\CryptoLocker\Files. It then prompts the user that his or her files have been encrypted and that he or she must use prepaid cards or Bitcoin to send hundreds of dollars to the author of the malware.
Once the payment has been made, the decryption usually begins. There is typically a four-day time limit on the payment option; the malware's author claims the private key required to decrypt files will be deleted if the ransom is not received in time. If the private key is deleted, your files will essentially never be able to be decrypted -- you could attempt to brute force the key, but as a practical matter, that would take on the order or thousands of years. Effectively, your files are gone.
I've been meaning to put backups on BR just as extra backup and after considering this it's now a necessity. If you get this and don't have isolated backup files it's either pay or lose your data. I've seen some pretty nasty stuff before but this is nasty as it gets because there is no fix other than paying and if something happens like the guy gets arrested or decides to shut it down with a whole bunch of people waiting for keys....