Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Semi-VANITY : Prevention of New Virus sweeping the Interwebs: CryptoLocker
bleepingcomputer.com ^ | Oct 25, 2013 | Bleeping Computer

Posted on 10/26/2013 1:29:26 PM PDT by NoLibZone

Heads up and Prevention of New New Virus sweeping the Interwebs: CryptoLocker

http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

PROBLEM:

CryptoLocker is a ransomware program that was released around the beginning of September 2013. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 96 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted.

One Easy Solution:

The easy to use free tool to change group polices to block your Hard Drive from unauthorized encryption: http://www.foolishit.com/vb6-projects/cryptoprevent/

First I scanned the CryptoPrevent using VirusTotal.com to make certain it’s clean. It is.

Then I used MalwareBytes to make sure I an clean.
Then I ran a new restore point.
Then I ran the one click CryptoPrevent and tested. It worked.

Image of the little app dialogue:
http://imgur.com/5M9bDyU">

(Excerpt) Read more at bleepingcomputer.com ...


TOPICS:
KEYWORDS: cryptolocker; malware; ransomware; virus
Navigation: use the links below to view more comments.
first previous 1-2021-40 last
To: NoLibZone
Ok, this seems to be a legitimate threat. Have any of our resident techies checked out the CryptoPrevent tool to verify that it's clean and effective?

I'd really like to see some verification from trusted Freepers before I go and install this thing on all my family's computers.

Thanks.

21 posted on 10/26/2013 2:22:38 PM PDT by Windflier (To anger a conservative, tell him a lie. To anger a liberal, tell him the truth.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NoLibZone

http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx


22 posted on 10/26/2013 2:23:38 PM PDT by UB355 (Slower traffic keep right)
[ Post Reply | Private Reply | To 1 | View Replies]

To: oh8eleven

Who ya gonna call? Obamabusters!


23 posted on 10/26/2013 2:28:08 PM PDT by ully2
[ Post Reply | Private Reply | To 2 | View Replies]

To: NoLibZone

BFL, gonna come back to this if anyone confirms the tool is clean.


24 posted on 10/26/2013 2:34:13 PM PDT by Fire_on_High (RIP City of Heroes and Paragon Studios, victim of the Obamaconomy.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NoLibZone

There was another ransomware “FBI virus” which held computers hostage claiming child porn, and unlocking it for money, too:

http://www.nbcchicago.com/investigations/Phony-FBI-Virus-Can-Hold-Your-Computer-Hostage-212056411.html


25 posted on 10/26/2013 2:36:27 PM PDT by Carriage Hill (Peace is that brief glorious moment in history, when everybody stands around reloading.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Windflier
You can do this manually if you don't want to trust the program.

Here (among many places) are instructions: http://www.trishtech.com/2011/05/disable-file-encryption-in-windows-7-using-group-policy/

It's straightforward, and if you don't use encryption it should be set this way, anyway.

26 posted on 10/26/2013 2:37:27 PM PDT by FredZarguna (The sequel, thoroughly pointless, derivative, and boring was like all James Cameron "films.")
[ Post Reply | Private Reply | To 21 | View Replies]

To: NoLibZone

This is a case where I would be perfectly fine with the government hunting the scum behind this scam down and exterminating them. Painfully. They are pure scum.


27 posted on 10/26/2013 2:43:08 PM PDT by piytar (The predator-class is furious that their prey are shooting back.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NoLibZone

http://www.computerworld.com/s/article/9243537/Cryptolocker_How_to_avoid_getting_infected_and_what_to_do_if_you_are_?taxonomyId=85&pageNumber=1


28 posted on 10/26/2013 2:44:14 PM PDT by mrsmith (Dumb sluts: Lifeblood of the Media, Backbone of the Democrat Party!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: oh8eleven

McAfee Internet Security gives a warning about going to the website www.foolishit.com


29 posted on 10/26/2013 2:47:09 PM PDT by COBOL2Java (I'm a Christian, pro-life, pro-gun, Reaganite. The GOP hates me. Why should I vote for them?)
[ Post Reply | Private Reply | To 2 | View Replies]

To: oh8eleven

“www.foolishit.com
Surely you jest.”

Ding, Ding, Ding! We have a winner!


30 posted on 10/26/2013 2:52:34 PM PDT by Carriage Hill (Peace is that brief glorious moment in history, when everybody stands around reloading.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: NoLibZone

http://www.snopes.com/computer/virus/cryptolocker.asp


31 posted on 10/26/2013 2:55:17 PM PDT by JoeProBono (SOME IMAGES MAY BE DISTURBING VIEWER DISCRETION IS ADVISED;-{)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NoLibZone

https://www.NSAFileRecovery.com


32 posted on 10/26/2013 3:02:58 PM PDT by philetus (Keep doing what you always do and you'll eventually get what you deserve)
[ Post Reply | Private Reply | To 1 | View Replies]

To: FredZarguna
You can do this manually if you don't want to trust the program. Here (among many places) are instructions:

Thanks, Fred. Much appreciated. I'll check it out.

33 posted on 10/26/2013 3:13:49 PM PDT by Windflier (To anger a conservative, tell him a lie. To anger a liberal, tell him the truth.)
[ Post Reply | Private Reply | To 26 | View Replies]

To: NoLibZone

I just fixed my lady friend’s laptop from this crypto virus-malwarebytes-trojan (whatever). The virus doesn’t disable Windows restore to earlier date, so I simply shutdown the computer (Ctrl+Alt+Del), pressed power-button at least 10 seconds because it Windows hanged, then boot to Safe Mode, restored Windows to earlier date, and DONE! I had to download her Malwarebytes Pro and did full scan.


34 posted on 10/26/2013 3:21:14 PM PDT by hamboy
[ Post Reply | Private Reply | To 1 | View Replies]

To: FredZarguna

Done and done! Thanks, FS. The simplest solution is often the best solution.


35 posted on 10/26/2013 3:23:32 PM PDT by TigersEye (Stupid is a Progressive disease.)
[ Post Reply | Private Reply | To 26 | View Replies]

To: TigersEye

Bookmarking.

Does it only go after Windows 7?


36 posted on 10/26/2013 3:27:55 PM PDT by miserare (Fire Eric Holder!)
[ Post Reply | Private Reply | To 35 | View Replies]

To: miserare; All
I'm sorry but I had never heard of this until this thread.
Perhaps someone else will supply an answer to that.
37 posted on 10/26/2013 3:35:10 PM PDT by TigersEye (Stupid is a Progressive disease.)
[ Post Reply | Private Reply | To 36 | View Replies]

To: NoLibZone

Bfl


38 posted on 10/26/2013 5:21:12 PM PDT by Kush (Insert your own witty, patriotic, or sarcastic remark here.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NoLibZone

This person needs be caught and summarily executed. In a public and painful manner. Preferably burned alive at the stake on the Washington Mall, with major live network feeds to the whole world.


39 posted on 10/26/2013 7:34:58 PM PDT by catnipman (Cat Nipman: Vote Republican in 2012 and only be called racist one more time!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NoLibZone

Bump....


40 posted on 10/26/2013 9:36:06 PM PDT by Intolerant in NJ
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-40 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson