Windows 10: This bag of tricks may help stop a ransomware infection Solved

  1. Borg 386's Avatar
    Posts : 21,546
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       23 Mar 2016 #1

    This bag of tricks may help stop a ransomware infection


    A malware researcher has found a few tricks to stop one of the latest types of ransomware, called Locky, from infecting a computer without using any security programs.
    This bag of tricks may help stop a ransomware infection | PCWorld
      My ComputerSystem Spec

  2. TairikuOkami's Avatar
    Posts : 3,413
    10.6 Home 1809 x64
       23 Mar 2016 #2

    This "trick" does not stop just Locky, but most of the malware and common users are not limited by it.

    reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d 0 /f
      My ComputerSystem Spec

  3. Brink's Avatar
    Posts : 33,021
    64-bit Windows 10 Pro build 18252
       23 Mar 2016 #3
      My ComputersSystem Spec

  4.    23 Mar 2016 #4

    TairikuOkami said: View Post
    This "trick" does not stop just Locky, but most of the malware and common users are not limited by it.
    reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d 0 /f
    I like this! What do I write into either a REG or BAT file that does this? Thanks!
      My ComputerSystem Spec

  5.    23 Mar 2016 #5

    TairikuOkami said: View Post
    This "trick" does not stop just Locky, but most of the malware and common users are not limited by it.

    reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d 0 /f
    Sorry I don't completely understand what you wrote. I opened the registry, went to

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings

    With Settings highlighted, on the right side, I created a new DWORD 32-bit and named it Enabled, then gave it a value of 0 (zero). Is that right?
      My ComputerSystem Spec

  6.    23 Mar 2016 #6

    I think I could re-install Windows faster than deploying this 'bag of tricks' properly.
      My ComputerSystem Spec

  7. TairikuOkami's Avatar
    Posts : 3,413
    10.6 Home 1809 x64
       24 Mar 2016 #7

    RolandJS said: View Post
    I like this! What do I write into either a REG or BAT file that does this? Thanks!
    Into the BAT exactly that line above, into the REG, see bellow.

    TrustMe said: View Post
    With Settings highlighted, on the right side, I created a new DWORD 32-bit and named it Enabled, then gave it a value of 0 (zero). Is that right?
    Yes, that is it.

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
    "Enabled"=dword:00000000
      My ComputerSystem Spec

  8.    24 Mar 2016 #8

    The trick is to have all your personal files (the ones you care about) on a second drive so if you are hit, you can just format and clean install.
      My ComputersSystem Spec

  9. Borg 386's Avatar
    Posts : 21,546
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
    Thread Starter
       24 Mar 2016 #9

    swarfega said: View Post
    The trick is to have all your personal files (the ones you care about) on a second drive so if you are hit, you can just format and clean install.
    Yepperz, that's the real trick, getting people to do that BEFORE they get hit
      My ComputerSystem Spec


 

Related Threads
New feature in Office 2016 can block macros and help prevent infection Source: https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/?platform=hootsuite
Had malware virus infection, now I'm a Built-in Administrator(?) in AntiVirus, Firewalls and System Security
Hi all, I suffered an infection yesterday from some soft of Malware/Virus, I believe that I managed to remove the offending program with a bunch of scans from Malwarebytes, SpyBot, AVG, Panda and BitDefender (I went overboard but wanted to make...
infection? outbound localhost.world to ip 69.197.188.122 in AntiVirus, Firewalls and System Security
Got an email from someone that reported a antimalware program was reporting outbound localhost.world to ip 69.197.188.122. The warning came when using browsers or some other programs that connected to the net, any idea what this is?
Solved Taobao infection in AntiVirus, Firewalls and System Security
Color me embarrassed but I seem to have picked up ........... something. As you can see from my screenshot my Browser has gotten a .....visitor and I can't seem to make it leave. It seems to be a shortcut to Taobao. I've tried scans with...
Read more: Microsoft updates Windows Defender to remove Superfish infection | ZDNet
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 05:26.
Find Us