mantra 1 Posted September 11, 2013

Hi, I read about a really bad malware called Cryptolocker. Does ESET detect it and its variants? I can't find it in the database. Thanks.

Administrators Marcos 5,407 Posted September 11, 2013

Most likely it's detected as Win32/Filecoder.XX. However, without an exact sample it's impossible to tell for sure, and my assumption is based only on searching for the name provided.

SweX 871 Posted September 11, 2013

This is the malware he talks about:
hxxp://www.youtube.com/watch?v=Uzl_h-Nc8Ps

YouTube link found in this thread:
https://www.wilderssecurity.com/showthread.php?t=353171

SweX 871 Posted September 11, 2013

> Hi, I read about a really bad malware called Cryptolocker. Does ESET detect it and its variants?

To answer your question: yes, ESET does detect this sample as Win32/Filecoder.BQ
https://www.virustotal.com/en/file/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9/analysis/1378914319/

mantra 1 Posted September 12, 2013 (Author)

> > Hi, I read about a really bad malware called Cryptolocker. Does ESET detect it and its variants?
>
> To answer your question: yes, ESET does detect this sample as Win32/Filecoder.BQ
> https://www.virustotal.com/en/file/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9/analysis/1378914319/

There are several variants; hope ESET will detect them. It's a bloody malware.

Administrators Marcos 5,407 Posted September 12, 2013

I've seen variants detected only by ESET, so the likelihood that the samples you're referring to are detected is quite high.

SweX 871 Posted September 12, 2013

> > > Hi, I read about a really bad malware called Cryptolocker. Does ESET detect it and its variants?
> >
> > To answer your question: yes, ESET does detect this sample as Win32/Filecoder.BQ
> > https://www.virustotal.com/en/file/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9/analysis/1378914319/
>
> There are several variants; hope ESET will detect them. It's a bloody malware.

Sure there is.

Former ESET Employees dwomack 160 Posted September 24, 2013

Here is an ESET KB Article answering this exact question:
hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3433

Another giving you stand-alone removal tools for six variants:
hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2372

For others, we'd recommend contacting ESET Customer Care for removal.

And today's recent blog post about Filecoder from ESET Malware Researcher Robert Lipovsky:
hxxp://www.welivesecurity.com/2013/09/23/filecoder-holding-your-data-to-ransom/

DGMurdockIII 1 Posted October 27, 2013

Here's more info on the virus for you guys:
hxxp://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
hxxp://www.reddit.com/r/sysadmin/comments/1mizfx/proper_care_feeding_of_your_cryptolocker/
hxxp://www.kernelmode.info/forum/viewtopic.php?f=16&t=2945

Pentode 13 Posted November 30, 2013

There is a bit that you can do to prevent this; this is by altering your computer security policy to 'help' prevent the infection from running. But first you need a little insight on how they actually carry out the 'dirty'. Rather than explain, I'll post a link from Bleeping Computer; this explains how the virus works and how to set your security policy on your machine. Here is the link:
hxxp://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

There is a small program that you can install from Major Geeks. I can't say how good it is as I haven't installed it. Here is the link for that:
hxxp://www.majorgeeks.com/files/details/cryptoprevent.html

Apologies if these links have already been given.

Dave

SweX 871 Posted November 30, 2013

> There is a bit that you can do to prevent this; this is by altering your computer security policy to 'help' prevent the infection from running. But first you need a little insight on how they actually carry out the 'dirty'. Rather than explain, I'll post a link from Bleeping Computer; this explains how the virus works and how to set your security policy on your machine. Here is the link:
> hxxp://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
>
> There is a small program that you can install from Major Geeks. I can't say how good it is as I haven't installed it. Here is the link for that:
> hxxp://www.majorgeeks.com/files/details/cryptoprevent.html
>
> Apologies if these links have already been given.
>
> Dave

If anyone would feel the need to add something to ESET, I would recommend HitmanPro.Alert from the makers of HitmanPro at SurfRight, which has a feature called CryptoGuard, which is a more advanced piece of software than cryptoprevent. Read more about it here:
hxxp://www.surfright.nl/en/cryptoguard

Personally I haven't added anything specific against this type of threat yet, but if I would then this would be it.

Edited November 30, 2013 by SweX

Arakasi 549 Posted December 1, 2013

I would trust Surfright before the other.

Evik1 0 Posted December 1, 2013

hxxp://www.youtube.com/watch?v=4lTjIIjL2_g

Arakasi 549 Posted December 1, 2013

> hxxp://www.youtube.com/watch?v=4lTjIIjL2_g

Kaspersky is bloatware. Why does that video have ESET with a Kaspersky title? lol

Edited December 1, 2013 by Arakasi