CryptoLocker

Discussion in 'malware problems & news' started by DX2, Sep 10, 2013.

  1. Keatah

    Keatah Registered Member

    Joined:
    Jan 13, 2011
    Posts:
    1,029
    No defragging allowed. RBRX doesn't use the VSS.

    I don't see how RBRX is a sandbox program at all.
     
  2. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Well, I hope my setup is doing its job since I have HMP scanning at every startup plus EAM real-time protection.
     
  3. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,870
    RB has its own built-in defragger. It will defrag selected snapshot builds - including the current one - every few Windows reboots. :thumb:
     
  4. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,870
    It has a defragger. It's a sandbox program in the sense that everything - including Windows - runs in the RB container. There is no way to really render the entire OS inoperable. That's what makes it far superior to Windows System Restore. :thumb:
     
  5. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    I know this thread is starting to drift off-topic, but with RBRX, how do you defrag the rest of your drive (the non-snapshot stuff)?
     
  6. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,870
    It's not necessary! You're only running whatever snapshot is loaded and only that gets defragged. If you don't revert back or forward, you could care less if other snapshots have undergone defragmentation.
     
  7. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,870
    Location:
    UK
  8. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    CryptoPrevent 4.3-

    Any known issues or problems on Windows XP?

    How do you remove/uninstall it should that be desired or necessary?

    Any real advantage/disadvantage of the installed version over the portable version?
     
  9. kriteshHDS

    kriteshHDS Registered Member

    Joined:
    Jan 27, 2014
    Posts:
    17
    Location:
    Canada
    That's right, Rollback Rx has its own defrag utility that you want to run inside Rollback Rx for it to be effective.
     
  10. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,870
    Just remove it through Windows Programs Add/Remove.

    Neither - basically CP writes software restriction policies to the Data% folder in Windows preventing CryptoLocker from executing there - since that's where the malware is known to install. Prevention is worth the cure. :thumb:
     
  11. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    By chance, are you currently using CryptoPrevent? Once you install it, how do you access the settings again -- is there a desktop shortcut?
     
  12. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,152
    Location:
    Canada
    You can access it by looking in All Programs or in your C:\Program Files folder; it is under Foolish IT. You can make a desktop icon if you choose.

    Before you uninstall you must open the program and click the box that says UNDO; this undoes the protection, hooks etc. You may have to reboot. Then uninstall using Control Panel.
     
  13. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    159
    digmor, I have 3 XP machines with CryptoPrevent installed on all. Foolish IT is not listed in Program Files or Add/Remove on all 3 machines. Anyone else seeing this, or do I need to do a reinstall? Thanks
     
  14. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
  15. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,152
    Location:
    Canada
    Foolish IT is in my C:\Program Files (x86) folder. It may be found somewhere else in your computer but it should be there somewhere. I also have it in the Control Panel / Add or Remove Programs. I have included a screenshot of what comes up when I open CryptoPrevent. If you click on OK it will take you to the program GUI.
     

  16. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,538
    Location:
    Triassic
    I have it installed on W7 and it does not show up in Program Files or Control Panel/Programs either. This is because I extracted it to a folder outside Program Files. This is not recommended but this is how I prefer to install some apps.

    You may have installed it in your documents folder by mistake; check there. You really do not have to re-install it as long as you can open the GUI when you double-click on the extracted application file.
     
  17. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    159
    emmjay, I installed CryptoPrevent back in Sept or Oct 13. I have the CryptoPrevent folder on my desktop. I installed it so long ago I don't remember seeing any recommended installation guide and I don't remember how/why it's on my desktop. You say it's not recommended. Is there a correct way to install? Thanks
     
  18. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,870
    Install to the default x86 folder. Be aware that once you write the SRP, you'll need to reboot to allow them to take effect. :thumb:
     
  19. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,538
    Location:
    Triassic
    Time to re-install. Delete the folder that you currently have on your desktop and erase it from the recycle bin.

    After you extract the files you will get a popup asking you where you want to install the application (yours must be defaulting to your desktop). Over type the folder names so it goes to Program Files/Cryptoprevent. Install, then reboot. It will then auto show up in the Control panel.
     
    Last edited: Feb 9, 2014
  20. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    BitCrypt Ransomware Easily Broken
    http://www.infosecurity-magazine.com/view/37119/bitcrypt-ransomware-easily-broken/
     
  21. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    Two in five Brits cough up for CryptoLocker ransomware's demands
    http://www.theregister.co.uk/2014/02/28/cryptolocker_victims_pay_up_survey/
     
  22. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    This Brit wouldn't!
    It would be far cheaper to reimage or reinstall the OS should anyone get infected with ransomware, rather than cough up to these morons, plus having a backup of all your files makes their demands useless.
    It's also a matter of principle.
    Having said that according to the article above, there seems to be a lot of inept/naive people around who do not take their online security seriously enough.
     
  23. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    1,292
    Location:
    USA, MICHIGAN
    For anyone running Bitdefender PRIOR to infection and are fully updated regularly rest assured you're protected from this threat.
     
  24. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    CyberLocker's success will fuel future copycats
    http://www.networkworld.com/news/2014/030514-cyberlocker39s-success-will-fuel-future-279437.html
     
  25. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    Just seen this. This seems like it could be just 'orthodox' CryptoLocker, as they seem to only cite one case of files not being unlocked after payment?
    http://i-hls.com/2014/03/virus-taking-israel/
     