Topic: Crypt0L0cker


Pondus
Re: Crypt0L0cker
« Reply #15 on: July 20, 2015, 01:50:47 PM »
Quote
This is Avast's job, to collect samples.

And this is what all AV labs do 24/7.

Try detecting all this: https://www.av-test.org/en/statistics/malware/ They try, but it is not possible.


yigido
Re: Crypt0L0cker
« Reply #16 on: July 20, 2015, 01:52:12 PM »
My suggestion is "Enable Hardened Mode : Aggressive"

Quote
Hardened Mode: Aggressive
This mode behaves a bit differently. It actually relies on analysis on a very small scale and mostly relies on a huge whitelist database located in avast! Cloud. If file is located within the cloud and flagged as safe, it will allow to run it. If it's not found or marked as bad, it will block it. So, at least based on my experience, Aggressive Mode is actually much more secure and also a lot less intrusive. Only time that it will cause problems is with some very rare old software or very very new software that isn't used by thousands of users.

A cryptolocker cannot be in the Avast whitelist, so this feature will block the execution of the sample and you will be protected.  ;)

yigido
Re: Crypt0L0cker
« Reply #17 on: July 20, 2015, 01:53:02 PM »
Quote
This is Avast's job, to collect samples.
And this is what all AV labs do 24/7.
Try detecting all this: https://www.av-test.org/en/statistics/malware/ They try, but it is not possible.

This is why I say that "Detection is always multiple steps behind new malware", so we need prevention here  :)

andrea.tamponi
Re: Crypt0L0cker
« Reply #18 on: July 20, 2015, 03:36:11 PM »
"Every virus born as undetected, we need prevention not detection"

That's it.
Every antivirus is no longer a pure antivirus, it's much more, and even if I understand that an AV can fail where another succeeds, I want some reliable solution not only in detection but also in prevention. Even if that was the first time in years Avast failed for me, it was shocking because it was something I cannot tolerate it failing on.

I'm a tech and the problem didn't happen directly to me. I'm aware enough to avoid this kind of threat myself - a pdf file does not have an exe extension - but for my mother what matters is the logo.

A cryptolocker starts a massive encrypting activity; I cannot understand an AV that does not suspect anything and prevent it. I need to stop Avast so many times because of my administrative scripts when I test them, and I have to tolerate cryptolocker activity not being prevented: it's simply absurd!
« Last Edit: July 20, 2015, 03:39:39 PM by andrea.tamponi »

bob3160
Re: Crypt0L0cker
« Reply #19 on: July 20, 2015, 04:43:31 PM »
As a Tech, you should also be aware that there is no 100% in anything in life. Certainly not in protecting your system from attacks.
If such a product existed, we would all be using it and the bad guys would be out of business and so would you as a Tech. :)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1909 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.3.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

schmidthouse
Re: Crypt0L0cker
« Reply #20 on: July 20, 2015, 05:49:59 PM »
Quote
You guys give him a "Virus submission form" to submit his undetected sample. Why?
i am an avast user just like you .... what else should i give him?


for protection there is a tool   CryptoPrevent  https://www.foolishit.com/cryptoprevent-malware-prevention/
it also needs updates, meaning it does not detect/protect 100%

Installing this security software (CryptoPrevent) is absolutely a proactive step to staying clean of Cryptolocker.
Yes, and while it does need 'Updates' this software specializes specifically and intensely (only) on the Cryptolocker variants while Anti Virus software does not!

edit: As has been mentioned, nothing is 100% effective, 100% of the time.
"Layered Security Profile" is the ticket. ;)
« Last Edit: July 20, 2015, 05:52:58 PM by schmidthouse »
***HP ENVY 15K LT W10 Pro 2004 64Bit/750GB HD/16GB Ram/Avast Premium 20.5.2415beta /Secureline v.5.6.4955/VS 5.77/ASB v.83b/SANDBOXIE/Prey Project
**HP Compaq 8510p LT W10 Pro 2004 64Bit/1TB HD/8GB Ram/Avast Premium 20.5.2415beta/ASB v.83b/SANDBOXIE/Prey Project/HotSpot Shield vpn 
     
*Dell Inspiron XPsp4 PRO 32Bit/Avast(since 2002)18.8.2356/WP/Comodo FW 3.14/Secureline/Comodo IceDragon v.40
<LAYERED SECURITY SOFTWARE PROTECTION all OS

yigido
Re: Crypt0L0cker
« Reply #21 on: July 20, 2015, 07:59:51 PM »
Quote
"Every virus born as undetected, we need prevention not detection"
That's it.
Every antivirus is no longer a pure antivirus, it's much more, and even if I understand that an AV can fail where another succeeds, I want some reliable solution not only in detection but also in prevention. Even if that was the first time in years Avast failed for me, it was shocking because it was something I cannot tolerate it failing on.
I'm a tech and the problem didn't happen directly to me. I'm aware enough to avoid this kind of threat myself - a pdf file does not have an exe extension - but for my mother what matters is the logo.
A cryptolocker starts a massive encrypting activity; I cannot understand an AV that does not suspect anything and prevent it. I need to stop Avast so many times because of my administrative scripts when I test them, and I have to tolerate cryptolocker activity not being prevented: it's simply absurd!

If you want a strict solution against malicious software, I have 99,99% protection against all malware.
Avast Free Antivirus + Comodo Firewall (Proactive Security Configuration) = 99,99% Protection. This is what I use.
You can ask me more about it in PM. Comodo Firewall can automatically sandbox unknown threats.
Please read about containment (sandbox) : https://blog.comodo.com/containment/cryptolocker-meets-comodo-containment-technology/

bob3160
Re: Crypt0L0cker
« Reply #22 on: July 20, 2015, 09:25:51 PM »
I may not be using Comodo's firewall but still consider my systems as protected as possible.
I don't think that it's the comodo firewall that makes the difference. :)



yigido
Re: Crypt0L0cker
« Reply #23 on: July 20, 2015, 11:36:18 PM »
Quote
I may not be using Comodo's firewall but still consider my systems as protected as possible.
I don't think that it's the comodo firewall that makes the difference. :)

Comodo's default deny will sandbox what Avast missed, so it might be a useful piece of software for novice users to protect themselves from Crypto-like malware.
For any users who know something about security and computers, Avast Free will provide enough protection :)
I agree with you.

bob3160
Re: Crypt0L0cker
« Reply #24 on: July 21, 2015, 12:18:08 AM »
CryptoPrevent is what I suggest to all users to enhance their layered protection scheme and lessen
their chance of running into Crypto Locker. :) .
You also seem to forget that Avast also has a Sandboxing feature. :)

yigido
Re: Crypt0L0cker
« Reply #25 on: July 21, 2015, 08:39:26 AM »
Quote
CryptoPrevent is what I suggest to all users to enhance their layered protection scheme and lessen
their chance of running into Crypto Locker. :) .
You also seem to forget that Avast also has a Sandboxing feature. :)

Yes, but it is a paid feature and it is not an automatic sandbox (but DeepScreen)

andrea.tamponi
Re: Crypt0L0cker
« Reply #26 on: July 21, 2015, 11:30:33 AM »
Avast fixed it!
Now the link is blocked too.

andrea.tamponi
Re: Crypt0L0cker
« Reply #27 on: July 21, 2015, 11:31:08 AM »
Quote
My suggestion is "Enable Hardened Mode : Aggressive"

Works!

andrea.tamponi
Re: Crypt0L0cker
« Reply #28 on: July 21, 2015, 11:33:03 AM »
Quote
If you want a strict solution against malicious software, I have 99,99% protection against all malware.
Avast Free Antivirus + Comodo Firewall (Proactive Security Configuration) = 99,99% Protection. This is what I use.
You can ask me more about it in PM. Comodo Firewall can automatically sandbox unknown threats.
Please read about containment (sandbox) : https://blog.comodo.com/containment/cryptolocker-meets-comodo-containment-technology/

Works!

Pondus
Re: Crypt0L0cker
« Reply #29 on: July 21, 2015, 04:23:14 PM »