There are programs that detect an attempt of the Trojan to install. There are also programs that remove the exploit code.
There are no programs to over-ride the encryption of the files. For those, an external backup of some sort is required for use in recovery, after the exploit has been removed. This particular attack is specific to computers running Windows. (If you are running Windows in a VM that could be vulnerable, and files on the host that are accessible from the VM could also be compromised.) One important mitigation is to correct an "Insecure by Design" setting in Windows. 1. Find the place on a given version of Windows where Folder Options are specified. Under the View tab (if separate). 2. *REMOVE* any check on an advanced setting named "Hide extensions for known file types." Then apply that to all folders. This will make it harder for email attachments and others to be executables disguised as PDFs or ZIPs, for example. -----Original Message----- From: Doug [mailto:[email protected]] Sent: Wednesday, June 3, 2015 20:52 To: [email protected]; [email protected] Subject: Re: Users of OpenOffice in the Miami, Ft. Lauderdale area? [ ... ] Is it known whether any of the usual anti-malware programs is effective against this, and if so, which ones? I would assume when you mention backup, you mean _removable_ backup, like a USB dongle or a USB plug-in hard drive. Wouldn't any text file on the internal hd be infected? I might suggest that users of Linux don't seem to have those problems; I only use Windows about 3% of the time, and I have a couple of anti-malware programs on the Windows partition. So far, so good (knock wood!) [ ... ] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
