system
5
Appreciate everyone’s responses.
It turns out that on a network environment the Crpytolocker was only able to attack what was locally on the desktop.
I believe with the roaming profiles on the network, that everything else was untouched.
After checking the registry, I only saw about 8 files on the desktop (nothing important)
My users are instructed to keep all important work in their “My Documents” work directory.
My question now is how did it get passed Avast?
Thanks again everyone for your responses.
Cheers !