Results 1 to 2 of 2
  1. #1
    New Lounger
    Join Date
    Oct 2013
    Thanked 0 Times in 0 Posts

    Cryptolocker registry export to others

    The article about Cryptolocker and using Software Restriction Policies was very good. Now that I've added those rules, I searched the registry and found their location under HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Group Policy Objects\{15B0F9E2-A9A1-417B-94EE-8C46DDD8317C}Machine\Software\Policies\Microsoft\W indows\Safer\CodeIdentifiers\0\Paths.

    If I right click on Paths, click Export, and create CRYPTO_FIX.REG, can I now email CRYPTO_FIX.REG to someone else, they double click on it, and it installs these paths on their computer? This assumes that both computers are identical in hardware and software. I have about 40 non-networked computers that I need to fix, and this seems like the way to do it. Am I wrong? Thanks!

  2. #2
    Lounge VIP
    Join Date
    Apr 2011
    Thanked 134 Times in 115 Posts
    Yes it should work, but if these machines are not networked, how will they receive the email and how can you be certain the patch has been deployed?

    Remember that these software restriction policies are only a temporary block and the threat will likely morph to execute from other locations. In addition to the restriction policies, educate users not to click on things they shouldn't, deploy proxies and web filtering to prevent access to unnecessary resources and ensure robust and non-local backups are kept and tested.
    In God we trust; all others must bring data.

    - William Edwards Deming. 1900 - 1993

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts