1.    23 Mar 2016 #1
    Join Date : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 17,364
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition

    This bag of tricks may help stop a ransomware infection


    A malware researcher has found a few tricks to stop one of the latest types of ransomware, called Locky, from infecting a computer without using any security programs.
    This bag of tricks may help stop a ransomware infection | PCWorld
      My ComputerSystem Spec
  2.    23 Mar 2016 #2
    Join Date : Oct 2014
    Trnava
    Posts : 2,944
    10.4 Home 1709 x64

    This "trick" does not stop just Locky, but most of the malware and common users are not limited by it.

    reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d 0 /f
      My ComputerSystem Spec
  3.    23 Mar 2016 #3
    Join Date : Oct 2013
    Posts : 25,674
    64-bit Windows 10 Pro build 17046
      My ComputersSystem Spec
  4.    23 Mar 2016 #4
    Join Date : Jan 2015
    Posts : 693

    Quote Originally Posted by TairikuOkami View Post
    This "trick" does not stop just Locky, but most of the malware and common users are not limited by it.
    reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d 0 /f
    I like this! What do I write into either a REG or BAT file that does this? Thanks!
      My ComputerSystem Spec
  5.    23 Mar 2016 #5
    Join Date : Sep 2015
    Posts : 274
    Windows 10 Home

    Quote Originally Posted by TairikuOkami View Post
    This "trick" does not stop just Locky, but most of the malware and common users are not limited by it.

    reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d 0 /f
    Sorry I don't completely understand what you wrote. I opened the registry, went to

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings

    With Settings highlighted, on the right side, I created a new DWORD 32-bit and named it Enabled, then gave it a value of 0 (zero). Is that right?
      My ComputerSystem Spec
  6.    23 Mar 2016 #6
    Join Date : Feb 2014
    Posts : 9,470
    Windows 10 Professional

    I think I could re-install Windows faster than deploying this 'bag of tricks' properly.
      My ComputersSystem Spec
  7.    24 Mar 2016 #7
    Join Date : Oct 2014
    Trnava
    Posts : 2,944
    10.4 Home 1709 x64

    Quote Originally Posted by RolandJS View Post
    I like this! What do I write into either a REG or BAT file that does this? Thanks!
    Into the BAT exactly that line above, into the REG, see bellow.

    Quote Originally Posted by TrustMe View Post
    With Settings highlighted, on the right side, I created a new DWORD 32-bit and named it Enabled, then gave it a value of 0 (zero). Is that right?
    Yes, that is it.

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
    "Enabled"=dword:00000000
      My ComputerSystem Spec
  8.    24 Mar 2016 #8

    The trick is to have all your personal files (the ones you care about) on a second drive so if you are hit, you can just format and clean install.
      My ComputersSystem Spec
  9.    24 Mar 2016 #9
    Join Date : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 17,364
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
    Thread Starter

    Quote Originally Posted by swarfega View Post
    The trick is to have all your personal files (the ones you care about) on a second drive so if you are hit, you can just format and clean install.
    Yepperz, that's the real trick, getting people to do that BEFORE they get hit
      My ComputerSystem Spec

 


Similar Threads
Thread Forum
Office New feature in Office 2016 can block macros and help prevent infection
New feature in Office 2016 can block macros and help prevent infection Source: https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/?platform=hootsuite
Windows 10 News
Had malware virus infection, now I'm a Built-in Administrator(?)
Hi all, I suffered an infection yesterday from some soft of Malware/Virus, I believe that I managed to remove the offending program with a bunch of scans from Malwarebytes, SpyBot, AVG, Panda and BitDefender (I went overboard but wanted to make...
AntiVirus, Firewalls and System Security
infection? outbound localhost.world to ip 69.197.188.122
Got an email from someone that reported a antimalware program was reporting outbound localhost.world to ip 69.197.188.122. The warning came when using browsers or some other programs that connected to the net, any idea what this is?
AntiVirus, Firewalls and System Security
Solved Taobao infection
Color me embarrassed but I seem to have picked up ........... something. As you can see from my screenshot my Browser has gotten a .....visitor and I can't seem to make it leave. It seems to be a shortcut to Taobao. I've tried scans with...
AntiVirus, Firewalls and System Security
Microsoft updates Windows Defender to remove Superfish infection
Read more: Microsoft updates Windows Defender to remove Superfish infection | ZDNet
Windows 10 News
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 11:22.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums