CryptoLocker: Your Files Held For Ransom
10-30-2013, 07:40 PM,
#16
RE: CryptoLocker: Your Files Held For Ransom
I downloaded and installed the 1.4MB executable, and for some reason it appears to require an ActiveX control and Internet access to run. Generally a red flag for me. I'll keep up with my backups in the meantime.
Truth appears in many forms. Find those that resonate with you.

- "If we do not believe in freedom of speech for those we despise, we do not believe in it at all." - Noam Chomsky
- "Humans are not a rational animal, but a rationalizing one." - Leon Festinger

http://avaaz.org - The World In Action
10-31-2013, 02:44 AM,
#17
RE: CryptoLocker: Your Files Held For Ransom
(10-30-2013, 05:16 PM)datars Wrote:
(10-29-2013, 08:54 PM)JFK Wrote:
(10-29-2013, 07:42 PM)datars Wrote: JFK you're just like me. Loaded with HDs.

You don't know the half of it... I also have a rig which does 3 1/2, 2 1/2 IDE as well as SATA which plugs into a USB 3.0 port for all my "offline drives"...
I ran out of fingers and toes to count how many of those I have. LOL

Oh yeah, I also have 3 - 1.8" drives which plug into a compactflash port on my HTPC.


- Too much crap. Blush

The latest acquisition was a 512GB Plextor SSD C: drive. 20 second cold boot time with Win 7 Enterprise which is heavily loaded with apps...
That includes the BIOS timeout asking where I want to boot from. Smile

Now I can screw things up REALLY fast. LOL
I have so many HDs that I have been taking the data off of them, and putting it on larger HDs. Then I take the old drives and put them on older PCs needing to be fixed. I still have lots of IDEs left.

PC Matic - Super Shield makes claims that it will stop the new Ransomware Polymorphic virus and you can use it for free.

Here's their video on Super Shield
http://www.youtube.com/watch?v=IoKX7WLTAh4#t=454
http://www.wilderssecurity.com/showthread.php?t=299814
11-02-2013, 09:21 PM, (This post was last modified: 11-02-2013, 09:29 PM by temp9.)
#18
RE: CryptoLocker: Your Files Held For Ransom
(10-30-2013, 05:16 PM)datars Wrote: PC Matic - Super Shield makes claims that it will stop the new Ransomware Polymorphic virus and you can use it for free.

Here's their video on Super Shield
http://www.youtube.com/watch?v=IoKX7WLTAh4#t=454


https://krebsonsecurity.com/2013/11/how-to-avoid-cryptolocker-ransomware/

Caveat: I have CryptoPrevent (mentioned & linked in the Krebs article) on my computer. It can cause an issue with installing some programs - like Firefox - which extract the .exe to a temp file before installing. I guess that at least shows that it does something; I'm not going to try to get CryptoLocker in my system to find out how well it works.

If you try it and run into problems like I mentioned, you can "Unblock" the protection and re-block after you install any software that you have issues with. I also recommend that you whitelist your current programs from within CryptoPrevent.

ETA: I just now noticed that CryptoPrevent has been updated from the 2.2 version that I have. The UI looks different, so the problems I mentioned may not affect this version. Read all instructions!!!
11-03-2013, 04:03 AM,
#19
RE: CryptoLocker: Your Files Held For Ransom
best test for anything like that.. set up a VM and test it in there where it can do no real harm....
then and only then deploy to any real machine
11-03-2013, 07:42 AM,
#20
RE: CryptoLocker: Your Files Held For Ransom
VMs, whether VMware or VirtualBox, can be configured for network access. So you can download to your heart's content with the VM, test programs, scan them, and if nothing seems untoward copy it to a folder shared between the VM and your computer and install it.

However, those serious about testing will want to:

1) Keep images of the VM drive and your system drive backed up to an external drive;
2) Install a program that lets you monitor the system calls of anything you're testing (Win32API calls and what-not); obviously, knowledge of the Win32 API is useful.
11-03-2013, 01:47 PM,
#21
RE: CryptoLocker: Your Files Held For Ransom
IMHO VM's are overkill for that.

Sandboxie is a much better platform which has a whole lot less overhead for preliminary testing/checking.

- just my opinion.
11-04-2013, 09:24 AM,
#22
RE: CryptoLocker: Your Files Held For Ransom
(10-30-2013, 07:40 PM)thokling Wrote: I downloaded and installed the 1.4MB executable, and for some reason it appears to require an ActiveX control and Internet access to run. Generally a red flag for me. I'll keep up with my backups in the meantime.
For me it works. It stopped a threat, and I did get a green shield after I rebooted.

With these Black November deals, you should be seeing some 3T Drives for $100 to $110 so watch for them
Data R S
Data Recovery Service
ConCen Clothing Company, Chat, Tracker and Forum
http://concen.org
11-04-2013, 04:33 PM,
#23
RE: CryptoLocker: Your Files Held For Ransom
(11-03-2013, 01:47 PM)JFK Wrote: IMHO VM's are overkill for that.

Sandboxie is a much better platform which has a whole lot less overhead for preliminary testing/checking.

Nice one. I'll want to check it out when I get a chance. I have 4GB of RAM in this beast to throw at anything I want, and have never used more than 2GB at any one time. I'm just waiting for something to come along and tax my 'puter...

(11-04-2013, 09:24 AM)datars Wrote: With these Black November deals, you should be seeing some 3T Drives for $100 to $110 so watch for them

Good point there, so long as it's decent enough quality to last a couple years at least.
11-04-2013, 09:59 PM,
#24
RE: CryptoLocker: Your Files Held For Ransom
(11-04-2013, 04:33 PM)thokling Wrote:
(11-03-2013, 01:47 PM)JFK Wrote: IMHO VM's are overkill for that.

Sandboxie is a much better platform which has a whole lot less overhead for preliminary testing/checking.

Nice one. I'll want to check it out when I get a chance. I have 4GB of RAM in this beast to throw at anything I want, and have never used more than 2GB at any one time. I'm just waiting for something to come along and tax my 'puter...

Basically Sandboxie sets aside hard drive space in the form of a directory structure, and anything which is changed goes into that structure and is run from there within Sandboxie; anything which is unchanged does not.
Anything running in the "sandbox" cannot directly access ( as in change ) your normal system files.

It is interesting watching that directory structure swell in size when you do get a virus ( in the sandbox ), yet your normal system files stay the same.

The only extra RAM used is for the Sandboxie program itself, and whatever you are testing/checking.
I have an old bootleg Elvis CD-ROM which kills itself ( the index to all his works - filenames on the CD-ROM are cryptic - mp3's and mpg's ) after a few days when unregistered, which I run in a sandbox; when it dies I just delete the old sandbox, create a new sandbox and load it there.
I have not figured out how it keeps track yet...
But then again I am not an Elvis fanatic so it isn't all that important to me. Dunno
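The redirect-on-write behaviour described in post #24 above, as an added example that is not part of the original thread and is not Sandboxie's own code: a toy model in which writes land in a separate sandbox directory, unchanged files are read from the real location, and deleting the sandbox discards every change. The names `ToySandbox` and `demo` and the sample file are constructed for illustration; a real sandbox intercepts file access at the OS level rather than through a wrapper class.

```python
import os, shutil, tempfile

class ToySandbox:
    """Toy copy-on-write view of a real directory (hypothetical; not Sandboxie code)."""
    def __init__(self, real_root, box_root):
        self.real_root, self.box_root = real_root, box_root
        os.makedirs(box_root, exist_ok=True)

    def _paths(self, rel):
        rel = os.path.normpath(rel)
        if os.path.isabs(rel) or rel.split(os.sep)[0] == "..":
            raise ValueError("path escapes the sandbox view")
        return os.path.join(self.real_root, rel), os.path.join(self.box_root, rel)

    def read(self, rel):
        real, boxed = self._paths(rel)
        # A changed file is served from the sandbox; an unchanged one falls through.
        with open(boxed if os.path.exists(boxed) else real, "rb") as f:
            return f.read()

    def write(self, rel, data):
        boxed = self._paths(rel)[1]  # writes never touch real_root
        os.makedirs(os.path.dirname(boxed), exist_ok=True)
        with open(boxed, "wb") as f:
            f.write(data)

    def size(self):
        return sum(os.path.getsize(os.path.join(d, n))
                   for d, _, names in os.walk(self.box_root) for n in names)

    def reset(self):
        # "Delete the old sandbox, create a new sandbox."
        shutil.rmtree(self.box_root)
        os.makedirs(self.box_root)

def demo():
    base = tempfile.mkdtemp()
    real, box = os.path.join(base, "real"), os.path.join(base, "box")
    os.makedirs(os.path.join(real, "docs"))
    with open(os.path.join(real, "docs", "report.txt"), "wb") as f:
        f.write(b"original")  # constructed sample file
    sb = ToySandbox(real, box)
    sb.write("docs/report.txt", b"overwritten by the program under test")
    inside, grown = sb.read("docs/report.txt"), sb.size() > 0
    with open(os.path.join(real, "docs", "report.txt"), "rb") as f:
        outside = f.read()
    sb.reset()
    after_reset = sb.read("docs/report.txt")
    shutil.rmtree(base)
    return inside, outside, grown, after_reset
```

`demo()` returns what the sandboxed program sees, what is actually on the real disk, whether the sandbox directory grew, and what is visible after the sandbox is deleted and recreated.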
11-06-2013, 01:57 AM, (This post was last modified: 11-08-2013, 06:21 PM by datars.)
#25
RE: CryptoLocker: Your Files Held For Ransom
(11-04-2013, 04:33 PM)thokling Wrote:
(11-03-2013, 01:47 PM)JFK Wrote: IMHO VM's are overkill for that.

Sandboxie is a much better platform which has a whole lot less overhead for preliminary testing/checking.

Nice one. I'll want to check it out when I get a chance. I have 4GB of RAM in this beast to throw at anything I want, and have never used more than 2GB at any one time. I'm just waiting for something to come along and tax my 'puter...

(11-04-2013, 09:24 AM)datars Wrote: With these Black November deals, you should be seeing some 3T Drives for $100 to $110 so watch for them

Good point there, so long as it's decent enough quality to last a couple years at least.
Western Digital WD Green 3TB IntelliPower 64MB Cache SATA 6.0Gb/s 3.5" Hard Drive Bare Drive - OEM

$109.99 With Promo Code EMCWWXR28

http://www.newegg.com/Product/Product.aspx?Item=N82E16822136874

This one will end at 10am today $109.99
http://www.newegg.com/Special/ShellShocker.aspx
-----------------------------------------------------
WD 3TB External USB-3 Hard Drive ($99.99)

Use promo code: EMCWWXM37 to get the drive for $99.99

http://www.newegg.com/Product/Product.aspx?Item=N82E16822136749
11-09-2013, 05:03 PM,
#26
RE: CryptoLocker: Your Files Held For Ransom
CryptoLocker Virus Removal – Easy Step-by-Step instructions

http://pctuneup.org/cryptolocker-virus-removal
11-10-2013, 04:18 AM,
#27
RE: CryptoLocker: Your Files Held For Ransom
Thanks, datars. If anyone on ConCen has a computer afflicted with CryptoLocker and applies the CryptoLocker Virus Removal tool, please post your results here for the benefit of the community.
11-10-2013, 11:27 PM,
#28
RE: CryptoLocker: Your Files Held For Ransom
If your files have been encrypted by CryptoLocker, removing the "virus" will not decrypt your files. The only way to decrypt them is to pay the ransom and get the private key. (And, since you're dealing with criminals, there's no guarantee that they'll follow through, but I've read no reports of this happening.) If you remove the "virus" you can't even pay the ransom if you should decide to give in, since you can't connect to their servers.

Just sayin'.
11-12-2013, 12:25 AM, (This post was last modified: 11-12-2013, 12:27 AM by datars.)
#29
RE: CryptoLocker: Your Files Held For Ransom
I do recommend these two pieces of software to help reduce the chance of getting this virus.

Privacy Eraser Pro and Revo Uninstaller Pro

Revo Uninstaller Pro will let you see software that has hijacked your PC. Most hijacking software doesn't have uninstallers. Revo Uninstaller will find all their registry inputs and lets you delete them, then it scans for all the folders and files and lets you delete them.

Other hijacking software hides deep in the Temp folders, so uninstaller programs can't see it, so what I use is Privacy Eraser Pro. After using Eraser Pro, it's best to go into your browser settings to reset your homepage, plus take out the BS plug-ins.

Also never do updates from web pop-ups like Flash or Java. Only let these updates come from your taskbar at the bottom right. Also keep Windows updated at all times. Do keep in mind if you're running XP, Microsoft will not be supporting XP after April 2014, so do all your updates beforehand, then use backup software to back up Windows. After April 2014 you should be able to find Windows XP with all the XP updates CD or DVD installation Disk on The Pirate Bay.
11-12-2013, 01:46 AM,
#30
RE: CryptoLocker: Your Files Held For Ransom
i've been using revo for at least a couple of years. first time i hit that delete button - idk what would happen, but now do it all the time... never had a problem and good riddance :-D