Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog


Created: 07 Nov 2013 • Updated: 08 Nov 2013 • 3 comments
megamanVI's picture
+2 2 Votes
Login to vote

Cryptolocker ( is a new malware that surfaced recently. It is wreaking havoc on Windows file shares and locking people out of their files. The malware encrypts commonly used documents and prevents the user from accessing them. The malware will then attempt to extract payment from you to unlock your files. Arstechnica has a great writeup on this (

Some tips on dealing with this malware:

  1. Ensure your virus protection is up to date
  2. Restrict workstation permissions so that the general users have limited access rights
  3. Ensure your backup policies are good
  4. Make sure all your fileshares are backed up often
  5. You can find the source of the infection by viewing which user has ownership permissions on the infected file(s). That way you can isolate their workstation.

Thankfully, Symantec Endpoint Protection protects from this virus:

Comments 3 CommentsJump to latest comment

megamanVI's picture

I want to add that Spiceworks has some group policy templates that you can import and apply in your environment.

Login to vote
Mick2009's picture

Thanks for raising awareness, megamanVI!

The article Recovering Ransomlocked Files Using Built-In Windows Tools, deals with a few possible ways how to prevent and recover from Trojan.Cryptolocker- one of today's most-destructive threats- should it infect your network and hold your data hostage.

With thanks and best regards,


Login to vote
cbenazzi3's picture

Backup, backup, backup and don't open unkonwn emails..

thank you for article!

Login to vote