following sites have useful information and removal tools for ransomware infection
few tips to prevent ransomware:
– Disable Windows Script Host
Numerous spam campaigns are pushing various crypto-ransomware families (and backdoors) via .zip file attachments. And such .zip files typically contain a JScript (.js/.jse) file that, if clicked, will be run via Windows Script Host.
Do yourself a favor and edit your Windows Registry to disable WSH.
Here’s the key (folder).
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings
Create a new DWORD value named “Enabled” and set the value data to “0”.
And then, if you click on a .js file, you’ll see this.
Which is way better than seeing an extortion note.
PREVENT EXECUTION IN FOLLOWING FOLDERS:
%appdata% and %Localappdata%
ENFORCE UAC to prevent Malware execution
use APPBLOCKER to allow only predefined program execution.
Enable “Display File Extension” in windows file browser so that malwares which will have .exe extensions hidden in the disguise of malware.pdf will be displayed as “malware.pdf.exe”
How to Protect both “Client system folders” and “server shared folders” using Kaspersky Endpoint Protection. ( Excellent and useful video – 7 minutes)
How to configure Kaspersky to prevent Ransomware infection in managed computers