Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: What's Microsoft doing about Cryptolocker?


13 Jan 2014   #1

Windows 7 Home Premium x64
 
 
What's Microsoft doing about Cryptolocker?

Why doesn't MS issue a patch or update to prevent Cryptolocker?
Couldn't they provide a permanent solution along the lines of CryptoPrevent?
Is the latter utility safe? - and any good?

Apologies if this is old hat, couldn't find thsi specific query anywhere.

My System SpecsSystem Spec
.

13 Jan 2014   #2

Microsoft Community Contributor Award Recipient

Win 7 Pro 64-bit
 
 

According to Microsoft, their security software detects and removes this threat.

Trojan:Win32/Crilock.A

Virus:Win32/Crypto.C.dr

Presumably it's easier to update the signatures and heuristics for anti-malware software than to keep issuing patches or updates to an operating system.
My System SpecsSystem Spec
13 Jan 2014   #3

Win 7 Ultimate (64-bit), Win 8.1.1 (64-bit)
 
 

Detecting and removing the Crypto software after your computer is infected is too little, too late as your files will already have been encrypted. Cryptorevent is an attempt to prevent the infection in the first place which is what rufford18 is asking about.

As far as I know, CryptoPrevent is safe and recommended. I have it installed but can't say how effective it is. The best defense seems to be to have backups on drives that are not kept attached to your network.
My System SpecsSystem Spec
.


13 Jan 2014   #4

Windows 7 Professional 32-bit/64-bit
 
 

Once it infects your pc though, no software could decrypt your files.
My System SpecsSystem Spec
13 Jan 2014   #5

Windows 8.1.1 64bit
 
 

Quote   Quote: Originally Posted by strollin View Post
Detecting and removing the Crypto software after your computer is infected is too little, too late as your files will already have been encrypted. Cryptorevent is an attempt to prevent the infection in the first place which is what rufford18 is asking about.

As far as I know, CryptoPrevent is safe and recommended. I have it installed but can't say how effective it is. The best defense seems to be to have backups on drives that are not kept attached to your network.
Is this the one you are referring to : Download CryptoPrevent - MajorGeeks
My System SpecsSystem Spec
13 Jan 2014   #6

Windows 7 Home Premium
 
 
Microsoft? Don't know.

I don't know what Microsoft is doing about Cryptolocker but whatever they do the guys that created it will probably try to find a way around any solution that's put in place.

As far as I can work out you can create your own Group Policy rules to prevent executable files from running in the locations that Cryptolocker uses as shown in the link below.


Cryptolocker: How to avoid getting infected and what to do if you are.


The problem with that approach and the "Cryptoprevent" approach is that it can also prevent some legitimate apps from running. I suppose that for most users it's better to have protection in place although they'd need to understand how to whitelist apps that get blocked.

I've tried two approaches:

1). Used Bitdefender Anti-Crypto.

2). Used application whitelisting software that detects when an unsigned file attempts to run and can be set to prompt the user for action. Additionally if a signed file's signature is not in the list of trusted certificates a user can be asked to either block or allow execution.

So far method 2). has been the best solution for me.




Attached Images
 
My System SpecsSystem Spec
13 Jan 2014   #7

Win 7 Ultimate (64-bit), Win 8.1.1 (64-bit)
 
 

Quote   Quote: Originally Posted by COMPUTIAC View Post
Quote   Quote: Originally Posted by strollin View Post
Detecting and removing the Crypto software after your computer is infected is too little, too late as your files will already have been encrypted. Cryptorevent is an attempt to prevent the infection in the first place which is what rufford18 is asking about.

As far as I know, CryptoPrevent is safe and recommended. I have it installed but can't say how effective it is. The best defense seems to be to have backups on drives that are not kept attached to your network.
Is this the one you are referring to : Download CryptoPrevent - MajorGeeks
Yes, that's CryptoPrevent
My System SpecsSystem Spec
14 Jan 2014   #8

Windows 8.1 Pro (x64)
 
 

Im not sure what you are asking Microsoft to do. There is no security vulnerability in Windows that is being exploited, no holes to patch. Cryptolocker is merely an application that does something awful. But nothing a patch or update is going to solve. Unless you disable applications running all togeather.
My System SpecsSystem Spec
21 Feb 2014   #9

Windows 7 Home Premium x64
 
 
Thanks

Thanks for all replies.
Sorry I've been away awhile.
Found some other useful thread on here too.
My System SpecsSystem Spec
21 Feb 2014   #10

Windows 7 Professional 32-bit/64-bit
 
 

Microsoft could just block cryptolocker-like files from running.
My System SpecsSystem Spec
Reply

 What's Microsoft doing about Cryptolocker?




Thread Tools



Similar help and support threads for2: What's Microsoft doing about Cryptolocker?
Thread Forum
$100 malware kit lets anyone build their own CryptoLocker Security News
CryptoLocker creeps lure victims with fake Adobe, Microsoft activation Security News
Cryptolocker: Menace of 2013 Security News
will EMET block Cryptolocker? System Security
Cryptolocker protection System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:55 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33