Jump to content

Recommended Posts

Posted

Hi!

 

There's a new ransomware with .wsf extension, i have ERA 6 and ESET Bussiness deployed in 150 workstations, i need to block that file extension.

 

How can i achieve that?

 

Thanks in advance!

  • ESET Staff
Posted

HIPS rule that will block execution of C:\Windows\System32\wscript.exe.

 

I would add also cscript.exe mostly located side-by-side with wscript.exe in multiple system locations (i.e. also in c:\Windows\SysWOW64\).

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...