Bad Rabbit Ransomware: What It Is, What to Do

Status
Not open for further replies.

darrenskirvin

Prominent
Oct 25, 2017
3
0
510
@Echo off
Echo **************************************
Echo * Create files and revoke permissions*
Echo **************************************
@echo "created-this-to-stop-bad-rabit" >c:\windows\infpub.dat
@echo "created-this-to-stop-bad-rabit" >c:\windows\cscc.dat
icacls c:\windows\infpub.dat /inheritance:r
icacls C:\windows\cscc.dat /inheritance:r

Create this in a .bat or .cmd
 

Paul Wagenseil

Senior Editor
Apr 11, 2014
692
1
4,940


Thanks! For our non-technical readers, you would take the above steps in a command-line window, which you can get by typing "cmd" into the search field you get when clicking on the Windows logo in the bottom left of your screen. Make sure your account has administrator privileges.
 

eli.lingard

Prominent
Oct 25, 2017
5
0
510
MERGED QUESTION
Question from eli.lingard : "What to do about Bad Rabbit?"

I'm sorry if I've already posted this before - I wasn't sure if it had been sent through or not!! I have AVG free installed on my Windows 8 PC, but I'm worried that it won't be enough to stop Bad Rabbit if it ever infects my PC. I can't seem to run windows defender and I'm confused as to why it might be better than AVG if it doesn't have the best ratings.

I can't really afford anything too heavy, but I really don't want to be under attack!

What would you recommend?
 

eli.lingard

Prominent
Oct 25, 2017
5
0
510


I'm afraid I'm really not technically minded; what will this command do, and how exactly do I type it in cmd? Do I need to type all of the commands listed above after the first line of text that comes up in my cmd box?
 

Paul Wagenseil

Senior Editor
Apr 11, 2014
692
1
4,940


AVG Free should be enough to stop Bad Rabbit. Make sure the AVG software automatically updates every day, however. You're not able to run Windows Defender because you have AVG installed, and that's fine: AVG is better than Windows Defender anyway.
 

Paul Wagenseil

Senior Editor
Apr 11, 2014
692
1
4,940


These steps apparently will prevent the Bad Rabbit malware from running on your machine in case of infection. We've linked to this in our article, but Cybereason has a fairly plain-English explanation here: https://www.cybereason.com/blog/cybereason-researcher-discovers-vaccine-for-badrabbit-ransomware
 

darrenskirvin

Prominent
Oct 25, 2017
3
0
510


 

eli.lingard

Prominent
Oct 25, 2017
5
0
510


Brilliant, thank you!
 
Status
Not open for further replies.