Vista - General Suggestion...

Hey guys. I just thought i would post a tip here...

I recently seen a virus which encrypted itself for protection. It took forever to get rid of and i thought it was very smart.

So the following commands will prevent a virus from encrypting itself (hopefully).

1) takeown /f "c:\windows\system32\cipher.exe" (/a)
Putting the /a at the end will give ownership to the Administrator group. Without the /a it will be given to the user who executed the command.

icacls "c:\windows\system32\cipher.exe" /deny everyone:f

As far as i know this should work. It will also prevent a user from encrypting files via a command line and possibly via a GUI too. Im not sure. However if you do not use the EFS i suggest you do this. If you do use it, i suggest renaming the command to something less obvious.

Good tip Fmjc001. Not sure, but I believe disabling EFS encryption may prevent this as well.

Yeah probably would have been easier just to explain how to disable it .

Although coping and pasting 2 command lines is quite fast too .

Thanks for the reply Brink

Your method is fine. It's good to have a few alternatives.