
Does ESET detect this malware Cryptolocker?



  • Administrators

Most likely it's detected as Win32/Filecoder.XX. However, without an exact sample it's impossible to tell for sure and my assumption is based only on searching for the name provided.


Hi

I read about a really bad malware called Cryptolocker

Does ESET detect it and its variants?

To answer your question. :)

 

Yes ESET does detect this sample as: Win32/Filecoder.BQ

https://www.virustotal.com/en/file/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9/analysis/1378914319/


There are several variants, hope ESET will detect them

It's a bloody malware


Sure there is.

  • 2 weeks later...
  • Former ESET Employees

Here is an ESET KB Article answering this exact question: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3433

 

Another giving you stand-alone removal tools for six variants: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2372 For others, we'd recommend contacting ESET Customer Care for removal.

 

And today's recent blog post about Filecoder from ESET Malware Researcher Robert Lipovsky: hxxp://www.welivesecurity.com/2013/09/23/filecoder-holding-your-data-to-ransom/

  • 1 month later...
  • 1 month later...

There is a bit that you can do to prevent this: altering your computer security policy to 'help' prevent the infection from running. But first you need a little insight into how they actually carry out the 'dirty'. Rather than explain, I'll post a link from Bleeping Computer, which explains how the virus works and how to set the security policy on your machine. Here is the link:

hxxp://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

There is a small program that you can install from Major Geeks. I can't say how good it is as I haven't installed it. Here is the link for that:

hxxp://www.majorgeeks.com/files/details/cryptoprevent.html

Apologies if these links have already been given.

Dave


If anyone would feel the need to add something to ESET, I would recommend HitmanPro.Alert from the makers of HitmanPro at SurfRight, which has a feature called CryptoGuard that is a more advanced piece of software than CryptoPrevent.

Read more about it here: hxxp://www.surfright.nl/en/cryptoguard

Personally I haven't added anything specific against this type of threat yet, but if I would then this would be it.

Edited by SweX