Read detail instructions for installing the KW Support’s CryptoLocker Prevention Utility for home computers and for non-domain joined business computers.
Screenshot #1
Screenshot #2
Screenshot #3
Screenshot #4
Screenshot #5
Screenshot #6
Screenshot #7
Screenshot #8
Screenshot #9
Screenshot #10
Screenshot #11
Screenshot #11
The SBS products (SBS 2003/2008/2011) all included a pre-installed set of Group Policy OU’s called MyBusiness. Organizational Units (OU’s) are used to organize users and computers (workstations and servers) in order to manage and apply specific rules and policies.
However, the Essentials products (SBS 2011 Essentials, Windows 2012 Essentials) do not include the MyBusiness OU. So, if you wish to keep consistency between the SBS and Essentials platforms, you will need to create this on your own. One reason for doing this would be to implement the Group Policies related to blocking the CryptoLocker ransomware.
Fortunately, Microsoft did identify the basic steps for creating the MyBusiness OU in KB 2578426 and scroll down to Issue 3 / Rule 3 in the KB article for the required steps.
To (re)create the MyBusiness OU manually. To do this, follow these steps:
After you have finished these steps, your Group policy structure should look like this:
In recent posts (here) I’ve addressed the process of creating Group Policy rules for securing your workstations from attacks like the CryptoLocker ransomware. These rules will prevent random executable files located in your local Application Data folder (AppData) from running.
The vast majority of programs that you may use should not put .exe files in the AppData folder, but every so often we come across an exception. In my case, I tried running Join.Me this morning and was greeted with this pop up window:
The process of adding an exception to the Software Restriction Rules we previously created is very straightfoward:
Modify the XP rule
Modify the Vista and higher rule
You may now wait the appropriate time (somewhere around 90 minutes, I believe) for Group Policy changes to be broadcast to all workstations, or, if you are in a hurry:
You may now test out your application
I posted previously on using Group Policy to establish rules to prevent executable files (.exe) stored in the Windows AppData directory from running, as a way to minimize or prevent the Cryptolocker-type ransomware from infecting your computers.
Someone asked me: “How do I know if the group policy rules are working?”
Good question … easy answer: drop in a small executable file into your local AppData directory and try to run it. I like to use notepad.exe for this test.
Here are the steps if doing this from a Vista / Win7 / Win8 workstation:
The SMB Kitchen team from Third Tier has made available (for free) a CryptoLocker Prevention Kit that includes a 20 page document that includes step by step instructions on how to lock down your servers and workstation using Group Policy settings to minimize future attacks.
The purpose of this post is to summarize those steps down to a single page. These steps are specific to SBS 2008/2011, but should be applicable to Windows 2008/2012 servers.
GOAL: create Software Restriction Policies within Group Policies to block executables (.exe) from running when they are located in the AppData folder or subfolders therein.
CREATE POLICIES FOR XP
CREATE POLICIES FOR VISTA / WIN7 / WIN8
My trusty (and crusty) Dell Optiplex 745 has been a great workstation for me over the past seven years.
Once again my experience was fantastic. Here is a summary of my process:
Pre-Cleanup
I knew I had collected a lot of older 3rd party utilities and apps on this workstation over the years. So, I first took time to review and uninstall those apps that I did not need or use. I recommend doing this before proceeding with the upgrade.
For Quicken, I did a final download of all my accounts and then did a backup of my Quicken database.
I also cleaned out temp files using CCleaner, and reviewed my various Download directories and removed anything I no longer needed.
Backup
Please be sure you have a full system image backup of your workstation before proceeding. That’s just being smart. In my case, I still run Windows Home Server in-house, and fired up a backup of my workstation.
Verify Hardware/Software Compatibility
My only complaint was that it appeared that Microsoft bundled the Upgrade Assistant with the actual setup of Windows 8 – which means that you had to obtain/purchase a copy of Windows 8 prior to determining if your workstation is compatible.
However, with kudos from GHacks.net, I found that Microsoft does indeed have a standalone Windows 8.1 Upgrade Assistant which you can download and run.
I was pleasantly surprised to find that I only had 13 items that I needed to review, and the majority of those were older 3rd party utilities that I really don’t care if they work or not. The only significant app that was flagged that I was concerned with was Quicken, as I was still running Quicken 2011.
Upgrade to Windows 8
I then used my Action Pack subscription to download the Windows 8 Professional iso file, and burned it to a DVD. Running the in-place upgrade took quite a while, but lo and behold, when it finished I was setting at a Windows 8 login.
Before proceeding with upgrading to Windows 8.1, I thought it would be advisable to check out the workstation – Internet, Office, Quicken, and printing, and everything looked good.
Upgrade to Windows 8.1
I went to the Windows Store app looking for the Upgrade to 8.1, but it wasn’t there. So, I decided to run Windows Update and install all Windows 8 related updates, and then rebooted. After that, the Windows store app showed the 8.1 Upgrade option.
Final Comments
Jump in and learn Windows 8. Buy yourself a book.
There’s even a free Windows 8.1 eBook from Microsoft Press!
Microsoft Press has made available a free eBook, written by Ed Bott, titled Introducing Windows 8.1 for IT Professionals Technical Overview.
That certainly is a mouthful – but this 130 page eBook is jammed pack with information.
Here is the Table of Contents:
IntroductionSeveral new Windows updates were recently released. The word from a trusted security MVP is to be careful, especially with KB2862330 which has caused some BSOD’s on some systems (Read more on this issue).
Once again, I always encourage people to make sure that they create a system restore point before installing updates, or better yet, do regular full backups of your computer.
If you do encounter a BSOD with any Microsoft update, call Microsoft:
“We can offer anyone who has this issue and is willing to go through troubleshooting a free-of-charge support incident and Support will work with you 1-1 to get your computer(s) back into a working state. The teams who released this update do know that there may be a problem and are doing additional testing to identify the root cause of the issue that folks are experiencing,” (Ben Herila, Microsoft product manager).
The much-anticipated upgrade to Windows 8 …
Windows 8.1
is now available today (October 17, 2013).
Upgrading to Windows 8.1 is free and easy. Just start up Windows 8, click on the Windows Store tile, and click to start updating!
After Windows 8.1 has been installed, and you restart your computer. you will be have a chance to set additional Express Settings. You can choose to take the default settings, or customize them on your own.
After logging in, you will have an option to generate a security code (6 digit pin code) for you to use in case of suspicious activity with your account.
Enjoy!
You installed a trial version of Microsoft Office 2010, and the trial version has now expired. Now, when you try to double click on a Word (.doc, .docx) or Excel (.xls, .xlsx) file, you get a big screen saying you don’t have Office 2010’s Word/Excel installed.
What happened is that when the trial version expired, it flipped you to running the Starter version of Microsoft Word and Excel. All that needs to be done is to update the file association for those specific file types.
Here’s what you need to do:
* If you see Microsoft Application Virtualization DDE Launcher listed instead, use that instead.
