Another layer of protection: Cryptolocker and other malware

Preventative Workstation protection:

This virus launches from a specific location on the workstation, thus it’s recommended to add a group policy setting to block it from Windows Vista/7/8 and from XP.

Use software restriction policies as follows:

Windows 7:

You can use Software Restriction Policies to block executables from running when they are located in the %AppData% folder, or any other folder. File paths of the infection are: C:\Users\User\AppData\Roaming\{213D7F33-4942-1C20-3D56=8-1A0B31CDFFF3}.exe (Vista/7/8)

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *