At the present day, there is no mainstream antivirus that detects all variants of Cryptolocker.
‘Properly securing’ network against this particular virus includes (but not limited to):
-   Disallowing all *.exe and *.zip attachments
-   Disallowing execution from %AppData%, %LocalAppData% folders and subfolders
-   Disallowing execution from Zip, 7Zip, WinRar, WinZip, and other such utilities TEMP folders
As you can imagine this poses a few side effects, such as Adobe applications updates stopping working.
How can an IT administrator stop users from clicking on email attachments?