Author Topic: Crypt0L0cker  (Read 17268 times)

0 Members and 1 Guest are viewing this topic.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Crypt0L0cker
« Reply #15 on: July 20, 2015, 01:50:47 PM »
Quote
This is Avast's job, to collect samples.
and this is what all AV labs do 24/7

try detecting all this  https://www.av-test.org/en/statistics/malware/    they try but it is not possible


REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #16 on: July 20, 2015, 01:52:12 PM »
My suggestion is "Enable Hardened Mode : Aggressive"

Quote
Hardened Mode: Aggressive
This mode behaves a bit differently. It actually relies on analysis on a very small scale and mostly relies on a huge whitelist database located in avast! Cloud. If file is located within the cloud and flagged as safe, it will allow to run it. If it's not found or marked as bad, it will block it. So, at least based on my experience, Aggressive Mode is actually much more secure and also a lot less intrusive. Only time that it will cause problems is with some very rare old software or very very new software that isn't used by thousands of users.

a cryptolocker cannot be in Avast whitelist so this feature will block the execution of sample and you will be protected.  ;)

REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #17 on: July 20, 2015, 01:53:02 PM »
Quote
This is Avast's job, to collect samples.
and this is what all AV labs do 24/7

try detecting all this  https://www.av-test.org/en/statistics/malware/    they try but it is not possible
This is why I say that "Detection always multiple steps behind the new malwares" so we need prevention here  :)

REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #18 on: July 20, 2015, 03:36:11 PM »
"Every virus born as undetected, we need prevention not detection"

That's it.
Every Antivirus is not anymore a pure Antivirus it's much more and even if I understand that a AV can fail where another succeed I want some reliable solution not only in detection but even in prevention and even if that was the first time in years Avast failed for me that was shocking because it was something I cannot tolerate it fails on.

I'm a tech and the problem didn't happen directly to me. I'm enough aware to avoid myself this kind of threat - a pdf file does not have an exe extension - but for my mother what matter is the logo.

A cryptolocker start a massive cripting activity, I cannot understand an AV that does not suspect anything and prevents it. I need to stop Avast so many times because of my administrative scripts when I test them and I have to tolerate a cryptolocker activity not prevented: it's simple absurd!
« Last Edit: July 20, 2015, 03:39:39 PM by andrea.tamponi »

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Crypt0L0cker
« Reply #19 on: July 20, 2015, 04:43:31 PM »
As a Tech, you should also be aware that there is no 100% in anything in life. Certainly not in protecting your system from attacks.
If such a product existed, we would all be using it and the bad guys would be out of business and so would you as a Tech. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7170
  • When you think you know, Think Again
Re: Crypt0L0cker
« Reply #20 on: July 20, 2015, 05:49:59 PM »
Quote
You guys give him a "Virus submission form" to submit his undetected sample. Why?
i am an avast user just like you .... what else should i give him?


for protection there is a tool   CryptoPrevent  https://www.foolishit.com/cryptoprevent-malware-prevention/
it also needs updates, meaning it does not detect/protect 100%

Installing this security software (CryptoPrevent) is absolutely a proactive step to staying clean of Cryptolocker.
Yes, and while it does need 'Updates' this software specializes specifically and intensely (only) on the Cryptolocker variants while Anti Virus software does not!

edit: As has been mentioned, nothing is 100% effective, 100% of the time.
"Layered Security Profile" is the ticket. ;)
« Last Edit: July 20, 2015, 05:52:58 PM by schmidthouse »

REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #21 on: July 20, 2015, 07:59:51 PM »
"Every virus born as undetected, we need prevention not detection"

That's it.
Every Antivirus is not anymore a pure Antivirus it's much more and even if I understand that a AV can fail where another succeed I want some reliable solution not only in detection but even in prevention and even if that was the first time in years Avast failed for me that was shocking because it was something I cannot tolerate it fails on.

I'm a tech and the problem didn't happen directly to me. I'm enough aware to avoid myself this kind of threat - a pdf file does not have an exe extension - but for my mother what matter is the logo.

A cryptolocker start a massive cripting activity, I cannot understand an AV that does not suspect anything and prevents it. I need to stop Avast so many times because of my administrative scripts when I test them and I have to tolerate a cryptolocker activity not prevented: it's simple absurd!
If you want a strict solution against malicious I have 99,99% protection against all malwares.
Avast Free Antivirus + Comodo Firewall (Proactive Security Configuration) = 99,99% Protection. This is what I use.
You can ask me more about in PM. Comodo Firewall can automatically sandbox unknown threats.
Please read about containment (sandbox) : https://blog.comodo.com/containment/cryptolocker-meets-comodo-containment-technology/

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Crypt0L0cker
« Reply #22 on: July 20, 2015, 09:25:51 PM »
I may not be using Comodo's firewall but still consider my systems as protected as possible.
I don't think that it's the comodo firewall that makes the difference. :)


Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #23 on: July 20, 2015, 11:36:18 PM »
I may not be using Comodo's firewall but still consider my systems as protected as possible.
I don't think that it's the comodo firewall that makes the difference. :)
Comodo's default deny will sandbox what Avats missed, so it might be a usefull piece of software for novice users to protect themselves from Crypto like malwares.
For any users who know something about security and computers. Avast Free will provide enough protection :)
I agreed to you.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Crypt0L0cker
« Reply #24 on: July 21, 2015, 12:18:08 AM »
CryptoPrevent is what I suggest to all users to enhance their layered protection scheme and lessen
their chance of running into Crypto Locker. :) .
You also seem to forget that Avast also has a Sandboxing feature. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #25 on: July 21, 2015, 08:39:26 AM »
CryptoPrevent is what I suggest to all users to enhance their layered protection scheme and lessen
their chance of running into Crypto Locker. :) .
You also seem to forget that Avast also has a Sandboxing feature. :)
Yes but it is a paid feature and it is not automatic sandbox (but deepscreen)

REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #26 on: July 21, 2015, 11:30:33 AM »
Avast fixed it!
Now either the link it's blocked.

REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #27 on: July 21, 2015, 11:31:08 AM »
My suggestion is "Enable Hardened Mode : Aggressive"

Works!

REDACTED

  • Guest
Re: Crypt0L0cker
« Reply #28 on: July 21, 2015, 11:33:03 AM »
If you want a strict solution against malicious I have 99,99% protection against all malwares.
Avast Free Antivirus + Comodo Firewall (Proactive Security Configuration) = 99,99% Protection. This is what I use.
You can ask me more about in PM. Comodo Firewall can automatically sandbox unknown threats.
Please read about containment (sandbox) : https://blog.comodo.com/containment/cryptolocker-meets-comodo-containment-technology/

Works!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Crypt0L0cker
« Reply #29 on: July 21, 2015, 04:23:14 PM »