CryptoLocker

Robert-Prodigy
Robert-Prodigy used Ask the Experts™
on
is anyone know some working solution that can prevent CryptoLocker to infect my network computer?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
What we are doing to prevent it is to create a new local security policy or a GPO for an AD network domain that prevents any EXE's running from within %AppData%

This works because this is where Cryptolocker runs.

You might find you have to create whitelist entries to allow required programs to run, i.e. some installers/updaters etc but this does work well.  We've had no infections once doing this for customers.

Wayne

Author

Commented:
thx any chance to decode  infected machine? we have one machine that encrypt all the files - no shadow copy or backup for this machine - we excite some operation mention in article over the net currently with no luck - nothing work :( files still encrypt

also anyone ever pay for this guys?
No sorry, I think its basically impossible without the key!

Author

Commented:
is any one ever tried to decrypt with Kaspersky decrypt utility? is there any other tools that try to decrypt crypt locker encryption?
btanExec Consultant
Distinguished Expert 2018

Commented:
For info on - FireEye and Fox-IT have partnered to provide free keys designed to unlock systems infected by CryptoLocker.

https://www.decryptcryptolocker.com/

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial