CryptoLocker Tripwire

Discussion in 'other anti-malware software' started by itman, May 31, 2015.

  1. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Anyone on Wilders using this?

    http://alexappleton.net/post/83785313416/download-cryptolocker-tripwire-1-0

    Discussion of it here at Spiceworks: http://community.spiceworks.com/top...ker-tripwire-to-help-detect-cryptocrap?page=1

    Also this works on stand alone PCs. Obviously, the file server shutdown command is ignored.

    As someone pointed out on the Spiceworks thread, you can do the equivalent of this using PowerShell but this would save a bit of work. Also you could create a low valued file name in each directory you want to protect and set up a HIPS rule to monitor each one of those files.

    At least this technique would prevent all but a few files at most in from being encrypted.
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,043
    With my setup, I don't feel the need for any cyrptolocker specific stuff. I've tested it against some crypto stuff.
     
  3. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    446
    Location:
    U.S. Citizen
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
  6. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    446
    Location:
    U.S. Citizen
    Scott said that all the issues have fix after the above video was made!