Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 630522" data-attributes="member: 32260"><p>Hard_Configurator can also mitigates Wannacry with the option <Disable Command Prompt> = ON , because the malware uses cmd.exe to get persistence and delete the volume shadow copies.</p><p><a href="https://www.endgame.com/blog/wcrywanacry-ransomware-technical-analysis" target="_blank">WCry/WanaCry Ransomware Technical Analysis | Endgame</a></p><p></p><p>The attack can be stopped by <Block Remote Access> = ON, if the attacker tries to use Remote Shell or Remote Desktop.</p><p></p><p>Edit1</p><p>I corrected my post by removing the info about @WanaDecryptor@.exe - I am not convinced, if it is the encrypting executable.</p><p></p><p>Edit2</p><p>Home users can be infected by Wannacry by running the malware executable.</p><p><strong>Hard_Configurator with recommended settings (SRP + <Run As SmartScreen> = Administrator) will stop Wannacry execution by the user, due to forced SmartScreen.</strong></p></blockquote><p></p>
[QUOTE="Andy Ful, post: 630522, member: 32260"] Hard_Configurator can also mitigates Wannacry with the option <Disable Command Prompt> = ON , because the malware uses cmd.exe to get persistence and delete the volume shadow copies. [URL='https://www.endgame.com/blog/wcrywanacry-ransomware-technical-analysis']WCry/WanaCry Ransomware Technical Analysis | Endgame[/URL] The attack can be stopped by <Block Remote Access> = ON, if the attacker tries to use Remote Shell or Remote Desktop. Edit1 I corrected my post by removing the info about @WanaDecryptor@.exe - I am not convinced, if it is the encrypting executable. Edit2 Home users can be infected by Wannacry by running the malware executable. [B]Hard_Configurator with recommended settings (SRP + <Run As SmartScreen> = Administrator) will stop Wannacry execution by the user, due to forced SmartScreen.[/B] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
