CryptoPrevent - tool to prevent new CryptoLocker ransomware virus
87°Expired

CryptoPrevent - tool to prevent new CryptoLocker ransomware virus

12
Found 3rd Nov 2013
Antivirus programs seem to have a hard time stopping this, so this program sets group policies to make it much harder for the ransomware in its current form to install itself.

I do believe Malwarebytes AntiMalware Pro can stop it though, but only if its installed before everything is encrypted of course.

CryptoPrevent is a tiny utility to lock down any Windows OS (XP, Vista, 7, 8, and 8.1) to prevent infection by the Cryptolocker malware or ‘ransomware’, which encrypts personal files and then offers decryption for a paid ransom.

There is a premium version which allows automatic updates but the free one is perfectly fine.

12 Comments

Original Poster

CryptoLocker, which first surfaced early last month, leaves users in … CryptoLocker, which first surfaced early last month, leaves users in danger of losing important files forever unless they pay up. Typically the crooks relieve them of around $300 (£185).



Info on CryptoLocker here: theregister.co.uk/201…are
Edited by: "russ" 3rd Nov 2013

probably preventing the cryptolocker from gaining access to the domains is a step in the right direction

"CryptoLocker phones home to a command-and-control server to obtain a public RSA key before it begins the task of silently encrypting files on compromised machines. The same command server also hosts the private key."

That is the key to stopping it

sadly cryptolocker is creating 1000 domains a day .

Original Poster

Yeah, the ransomware operators must be making a fortune with this.

very easy to remove ur self... >stat ur comp in safe mode and run restore oh i almost forgot GET A PROGRAM THAT CONTROLS SCRIPTS . like noscript for firefox
Edited by: "binzee" 4th Nov 2013

Was wondering, will Cryptolocker still be able to install itself if you're not running as an Administrator?

If not, then people should very strongly consider having their Administrator account used only for administrator-ing. Create a standard account with no admin rights and use that for your every day computer use.

Obviously not bullet proof, but better than nothing, if it works.

Original Poster

moneyballs2

Was wondering, will Cryptolocker still be able to install itself if … Was wondering, will Cryptolocker still be able to install itself if you're not running as an Administrator?



That's a very good question, Id be interested to know about this too.

For the half baked computer users amongst us... (Not me obviously... I'm talking about a mate of mine), is it worth putting this in alongside Malwarebytes, or are there likely to be conflicts between the two?

I'll set up another non admin account in the meantime as suggested. Thanks all round!

Original Poster

Hi ThunderBolt, you can tell your mate that this isn't a program like Malwarebytes or an AntiVirus program so its fine to use as well as those. This just sets some "group permissions" to Windows to make CryptoLocker in its current form unable to install itself, even if you opened an infected file.

I say "in its current form" because they may change where it installs itself in time, so you may have to update it from time to time.

Thanks Russ... I'll be sure to pass the message on and my mate will probably say ta so I'll say it for him... Ta!

Cheers OP.
Post a comment
Avatar
@
    Text