BACK TO PCSTATS Follow PCSTATS on Facebook PCSTATS RSS Feed PCSTATS Twitter Feed + Motherboards
+ Videocards
+ Memory
+ Beginners Guides
News & Advanced Search  Feedback?
[X]   Directory of
Guides & Reviews

Beginners Guides
Weekly Newsletter
Archived Newsletters

Seagate Backup Plus Slim External USB 3.0 2TB Hard Drive Review
Dealing with CryptoLocker ransom ware - Dealing with CryptoLocker ransom ware
Fri, March 28 2014 | 2:47AM | PermaLink Feedback?
Anyone have a viable work-around for CryptoLocker?

If you're unlucky enough to ever see this message, your data is gone. If you've slayed this dragon, please share your tricks! There's good information on how you may be infected here.

Bleepingcomputer has a decent write up on a GroupPolicy hack that can help prevent systems from being infected before the damage is done.

Source: Computerworld. "Open up Local Security Policy or the Group Policy Object editor and create a new GPO. I'll show you how to create two here -- one for Windows XP machines (which use slightly different paths for the user space) and one for Windows Vista and later machines.

Name the new GPO "SRP for XP to prevent Cryptolocker" or something similar for you to remember easily.

Choose Computer Configuration and then navigate through Policies ? Windows Settings ? Security Settings ? Software Restriction Policies.

Right-click Software Restriction Policies and choose New Software Restriction Policy from the context menu.

Now, create the actual rules that will catch the software on which you want to enforce a restriction. Right-click Additional Rules in the left-hand pane. Choose New Path Rule.

Under Path, enter %AppData%\*.exe.

Under Security level, choose Disallowed.

Enter a friendly description, like "Prevent programs from running in AppData."

Choose New Path Rule again, and make a new rule like the one just completed. Use the following table to fill out the remainder of this GPO."

If you computer regularly makes System Restore points, there's a chance you can restore the encrypted files from the previous restore point using what are known as "Shadow Volume Copies". See Bleepingcomputer for that as well. You'll need a program called Shadow Explorer to restore entire folders.
Read More at PCSTATS

News Categories
Audio / Sound Beginners Guides Benchmarks
Biometrics BIOS Business / Industry
Cases Chipset Computer / SFF PCs
Cooling / Heatsinks CPU / Processors Digital Cameras
Drivers Editorial Games
Gossip Hard Drives/SSD Hardware
Home Theatre Imaging Memory
Mobile Devices Monitors Motherboards
Mouse Pads MP3 Players Networking
Notebooks Operating System Optical Drives
Overclocking Peripherals Power Supply
Press Release Printers Servers
Site News Software Tips
Tradeshows / Events Video Cards Web News
   Looking for something a little farther back? Try PCstats News Archives: 1999 - present
   04 / 21 / 2018 | 11:11AM
Hardware Sections 

PCSTATS Network Features Information About Us Contact
PCSTATS Newsletter
ShoppingList Assistance
Tech Glossary
Technology WebSite Listings
PermaLink News
Archived News
Submit News (Review RSS Feed)
Site Map
PCstats Wallpaper
About Us
Privacy Policy
Advertise on PCSTATS

How's Our Driving?
© Copyright 1999-2018 All rights reserved. Privacy policy and Terms of Use.