Does ESET protect me from Filecoder (CryptoLocker) malware?KB Solution ID: SOLN3433|Last Revised: January 21, 2015
- Your ESET product detects a variant of the threat "Win32/Filecoder", for example, filecoder.cr
- Your ESET product detects the threat "Win32/Gpcode"
- Your ESET product detects the threat "Win32/TrojanDownload.Elenoocka.A."
- These threats are also known as "CryptoLocker", "Cryptowall", "Dirty decrypt", and "CTB locker"
ESET software can detect and block most variants of the Win32/Filecoder malware.
Keep ESET updated
New versions of this malware are released frequently, so it is important that you are receiving regular virus database updates (your ESET product will check for updates every hour provided that you have a valid license and a working internet connection) and take precautions to ensure that your computer is not vulnerable to this infection.
Keep Remote Desktop Protocol disabled
Filecoder malware often accesses target machines using Remote Desktop Protocol (RDP), a Windows utility that allows others to access your desktop remotely. If you do not require the use of RDP, you can disable RDP to protect your machine from Filecoder and other RDP exploits. For instructions to do so, visit the appropriate Microsoft Knowledge Base article below:
To learn more about how you can protect your system from this malware, we recommend that you read the following ESET blog posts:
- CTB-Locker: Multilingual Malware Demands Ransom
- Cryptolocker 2.0 – new version, or copycat?
- 11 things you can do to protect against ransomware, including Cryptolocker
- Filecoder: Holding your data to ransom
- Don’t pay up! How to avoid ransomware threats – and how to fight back
- Remote Desktop (RDP) Hacking 101: I can see your desktop from here!