Inquiridor
Recriando Sysvol apos Ransonware

Pergunta
-
Boa tarde Senhores.
Estou com seguinte Problema.
Tive um problema com Ransonware em minha rede,
que afetou todo sysvol
Qual a melhor maneira de reparar isso ?
Obrigado.
- Editado Guilhermejf quarta-feira, 3 de julho de 2019 16:45
Todas as Respostas
-
-
Todos os arquivos desta pasta foi criptografado.
fui obrigado a deletar.quando executo um gpupdate /Force
me retorn.
C:\Users\administrator>gpupdate /Force Updating policy... Computer policy could not be updated successfully. The following errors were enc ountered: The processing of Group Policy failed. Windows attempted to read the file \\DOMINIO.com.br\sysvol\DOMINIO.com.br\Policies\{6AC1786C-016F-11D2-945F-00C04FB98 4F9}\gpt.ini from a domain controller and was not successful. Group Policy setti ngs may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled. User Policy could not be updated successfully. The following errors were encount ered: The processing of Group Policy failed. Windows attempted to read the file \\DOMINIO.com.br\SysVol\DOMINIO.com.br\Policies\{19BBE131-7710-4804-8135-F5077FD74 4D6}\gpt.ini from a domain controller and was not successful. Group Policy setti ngs may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled. To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f rom the command line to access information about Group Policy results.
- Editado Guilhermejf quarta-feira, 3 de julho de 2019 17:13
-
Acredito que uma opção para esta situação seria você reconstruir a arvore sysvol do zero. De uma olhada neste artigo e vê se te ajuda neste processo:
Att,
-
Recomendo voltar um backup do dia anterior. Recomendo também atualizar o Windows Server 2008 para 2019 que é mais seguro contra esses tipos de vírus.
Fim do suporte de Windows Server 2008 e 2008 R2 termina em Janeiro de 2020.
Att. Gabriel Luiz
-
Qual as consequências disso ?
Perda de GPO ?
Att:
- Editado Guilhermejf segunda-feira, 15 de julho de 2019 13:23