restricting randsomeware

Hello. A while ago that I noticed. the \Device\KsecDD trick that is used to keep some ransomware, at least from what I’ve experience, keeps CCE from being able to open and run. Is this normal for everyone or was I just unlucky?

I haven’t noticed that personally.

Are you sure there’s nothing else about your computer which could be preventing CCE from loading? My thought would be that it’s something else independent of that one change in setting.

no, I don’t think so. when I added that to the D plus, CCE didn’t run, but as soon as I removed it from the D plus policy, it opened normal.

CCE should be a trusted file in CIS. Can you check and see if it is in the trusted files list.

If not then adding it to the list should solve your problem.

I’m not able to confirm this as I have unistalled CCE

If you ever do decide to reinstall it please let us know if the problem persists.