BACK TO PCSTATS Follow PCSTATS on Facebook PCSTATS RSS Feed PCSTATS Twitter Feed + Motherboards
+ Videocards
+ Memory
+ Beginners Guides
News & Advanced Search  Feedback?
[X]   Directory of
Guides & Reviews
The PCstats Forums

Beginners Guides
Weekly Newsletter
Archived Newsletters


Beginners Guide: How To Install / Remove an Intel Socket LGA2011 CPU

Dealing with CryptoLocker ransom ware - PCSTATS.com Dealing with CryptoLocker ransom ware
Fri, Mar 28 2014 | 2:47AM | Filed under: Tips| PermaLink Posted by: STAFF

Anyone have a viable work-around for CryptoLocker?

If you're unlucky enough to ever see this message, your data is gone. If you've slayed this dragon, please share your tricks! There's good information on how you may be infected here.

Bleepingcomputer has a decent write up on a GroupPolicy hack that can help prevent systems from being infected before the damage is done.

Source: Computerworld. "Open up Local Security Policy or the Group Policy Object editor and create a new GPO. I'll show you how to create two here -- one for Windows XP machines (which use slightly different paths for the user space) and one for Windows Vista and later machines.

Name the new GPO "SRP for XP to prevent Cryptolocker" or something similar for you to remember easily.

Choose Computer Configuration and then navigate through Policies ? Windows Settings ? Security Settings ? Software Restriction Policies.

Right-click Software Restriction Policies and choose New Software Restriction Policy from the context menu.

Now, create the actual rules that will catch the software on which you want to enforce a restriction. Right-click Additional Rules in the left-hand pane. Choose New Path Rule.

Under Path, enter %AppData%\*.exe.

Under Security level, choose Disallowed.

Enter a friendly description, like "Prevent programs from running in AppData."

Choose New Path Rule again, and make a new rule like the one just completed. Use the following table to fill out the remainder of this GPO."

If you computer regularly makes System Restore points, there's a chance you can restore the encrypted files from the previous restore point using what are known as "Shadow Volume Copies". See Bleepingcomputer for that as well. You'll need a program called Shadow Explorer to restore entire folders.

www.pcstats.com

FULL STORY @ PCSTATS

Recent News in Tips
PCSTATS TechTip - Windows 7 and older Integrated Graphics Drivers Apr 18
Dealing with CryptoLocker ransom ware Mar 28
Office 2013 Crashes on Start Up - Solved - PCSTATS TechTip Mar 14
PCSTATS TechTip: Isolate a browser with Sandboxie to protect your PC Feb 11
PCSTATS TechTip: When FireFox Crashes Constantly Feb 11
PCSTATS TechTip - Finding Your Windows product Key Feb 6
PCSTATS TechTip - Testing the waters with new Windows Operating Systems Feb 6
PCSTATS TechTip- Disabling Shutdown Event Tracker in Windows Server 2003 Feb 6
PCSTATS TechTip - Windows Directory Statistics (WinDirStat) Feb 6
PCSTATS TechTi p - Tale of the Corrupted Outlook PST Backup Feb 6
more...

News Categories
Audio / Sound Beginners Guides Benchmarks
Biometrics BIOS Business / Industry
Cases Chipset Computer / SFF PCs
Cooling / Heatsinks CPU / Processors Digital Cameras
Drivers Editorial Games
Gossip Hard Drives Hardware
Home Theatre Imaging Memory
Mobile Devices Monitors Motherboards
Mouse Pads MP3 Players Networking
Notebooks Operating System Optical Drives
Overclocking Peripherals Power Supply
Press Release Printers Servers
Site News Software Tips
Tradeshows / Events Video Cards Web News
   Looking for something a little farther back? Try PCstats News Archives: 1999 - present
   10 / 01 / 2014 | 4:27PM
Hardware Sections 


google
 
PCSTATS Network Features Information About Us Contact
FrostyTech
TransmetaZone
BeginnersPC
PCSTATS Newsletter
PCSTATS Forums
ShoppingList Assistance
Tech Glossary
Technology WebSite Listings
PermaLink News
Archived News
Submit News (Review RSS Feed)
Site Map
PCstats Wallpaper
About Us
Employment
Privacy Policy
Advertise on PCSTATS

How's Our Driving?
© Copyright 1999-2014 www.pcstats.com All rights reserved. Privacy policy and Terms of Use.