Does ESET protect me from Filecoder (CryptoLocker) malware?

KB Solution ID: SOLN3433|Last Revised: January 21, 2015


  • Your ESET product detects a variant of the threat  "Win32/Filecoder", for example,
  • Your ESET product detects the threat "Win32/Gpcode"
  • Your ESET product detects the threat "Win32/TrojanDownload.Elenoocka.A."
  • These threats are also known as "CryptoLocker", "Cryptowall", "Dirty decrypt", and "CTB locker"



ESET software can detect and block most variants of the Win32/Filecoder malware.

Keep ESET updated

How do I know ESET Smart Security/ESET NOD32 Antivirus is updating correctly?

New versions of this malware are released frequently, so it is important that you are receiving regular virus database updates (your ESET product will check for updates every hour provided that you have a valid license and a working internet connection) and take precautions to ensure that your computer is not vulnerable to this infection.

Keep Remote Desktop Protocol disabled

Filecoder malware often accesses target machines using Remote Desktop Protocol (RDP), a Windows utility that allows others to access your desktop remotely. If you do not require the use of RDP, you can disable RDP to protect your machine from Filecoder and other RDP exploits. For instructions to do so, visit the appropriate Microsoft Knowledge Base article below:

To learn more about how you can protect your system from this malware, we recommend that you read the following ESET blog posts:


Need Personalized Assistance in North America?

If you're not already an ESET customer, ESET Support Services are available to clean, optimize and secure your system. Call 866-944-3738 or click to schedule an appointment with ESET Support Services today!

Rate this article:
1 2 3 4 5
Please comment on your rating...
We cannot respond to feedback from this form. Requests for assistance should be submitted through your normal support channel.
5 - Definitely
4 - Mostly
3 - Somewhat
2 - Not Really
1 - Not At All