Jump to content

does eset detect this malware Cryptolocker

mantra

By mantra
in Malware Finding and Cleaning

 Share

Recommended Posts

  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

Most likely it's detected as Win32/Filecoder.XX. However, without an exact sample it's impossible to tell for sure and my assumption is based only on searching for the name provided.

Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

hi

i read about a really bad malware called Cryptolocker

 

does eset detect it and its variants?

 

 

To answer your question. :)

 

Yes ESET does detect this sample as: Win32/Filecoder.BQ

https://www.virustotal.com/en/file/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9/analysis/1378914319/

Link to comment
Share on other sites
mantra

mantra 1

Posted
  • Author
Posted
 
 

 

 

hi

i read about a really bad malware called Cryptolocker

 

does eset detect it and its variants?

 

 

To answer your question. :)

 

Yes ESET does detect this sample as: Win32/Filecoder.BQ

https://www.virustotal.com/en/file/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9/analysis/1378914319/

 

 

they are several variants hope eset will detect them

it's a bloody malware

Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

 

 
 

 

 

hi

i read about a really bad malware called Cryptolocker

 

does eset detect it and its variants?

 

 

To answer your question. :)

 

Yes ESET does detect this sample as: Win32/Filecoder.BQ

https://www.virustotal.com/en/file/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9/analysis/1378914319/

 

 

they are several variants hope eset will detect them

it's a bloody malware

 

Sure there is.

Link to comment
Share on other sites
  • 2 weeks later...
  • Former ESET Employees
dwomack

dwomack 160

Posted
  • Former ESET Employees
Posted

Here is an ESET KB Article answering this exact question: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3433

 

Another giving you stand-alone removal tools for six variants: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2372 For others, we'd recommend contacting ESET Customer Care for removal

 

And today's recent blog post about Filecoder from ESET Malware Researcher Robert Lipovsky: hxxp://www.welivesecurity.com/2013/09/23/filecoder-holding-your-data-to-ransom/

Link to comment
Share on other sites
  • 1 month later...
DGMurdockIII

DGMurdockIII 1

Posted
Posted

here more info on the virus for you guys

 

hxxp://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

 

hxxp://www.reddit.com/r/sysadmin/comments/1mizfx/proper_care_feeding_of_your_cryptolocker/

 

hxxp://www.kernelmode.info/forum/viewtopic.php?f=16&t=2945

Link to comment
Share on other sites
  • 1 month later...
Pentode

Pentode 13

Posted
Posted

There is a bit that you can do to prevent this, this is by altering your computer security policy to 'help' prevent the infection from running, but first you need a little insight on how they actually carry out the 'dirty', rather than explain I'll post a link from Bleeping Computer... this explains how the virus works.... and how to set your security policy on your machine here is the link-:

 

hxxp://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

 

There is a small  program that you can install from Major Geeks,  I can't say how good it is as I haven't installed it, here is the link for that-:

 

hxxp://www.majorgeeks.com/files/details/cryptoprevent.html

 

Apologies if these links have already been given.

 

Dave

 

 

 

Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted (edited)

There is a bit that you can do to prevent this, this is by altering your computer security policy to 'help' prevent the infection from running, but first you need a little insight on how they actually carry out the 'dirty', rather than explain I'll post a link from Bleeping Computer... this explains how the virus works.... and how to set your security policy on your machine here is the link-:

 

hxxp://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

 

There is a small  program that you can install from Major Geeks,  I can't say how good it is as I haven't installed it, here is the link for that-:

 

hxxp://www.majorgeeks.com/files/details/cryptoprevent.html

 

Apologies if these links have already been given.

 

Dave

If anyone would feel the need to add something to ESET, I would recommend HitmanPro.Alert from the makers of HitmanPro at SurfRight that has a feature called CryptoGuard wich is a more advanced piece of software than cryptoprevent.

 

Read more about it here: hxxp://www.surfright.nl/en/cryptoguard

 

Personally I haven't added anything specific against this type of threats yet, but if I would then this would be it.

Edited by SweX
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...