Cryptolocker: new malware encrypts your files, demands ransom within 96 hours

Oh, it's a lifetime licence? Good to know.

Yep. "Get your lifetime license".

That or Sandboxie, which is also a lifetime license for the Pro version. Malwarebytes is probably enough for most people though.

I have the Sandboxie website bookmarked and will read through it, but Malwarebytes is pretty much "plug and play": install it and you're done. But from what I've read in this thread, they both do their job.
 
Will detect it, but stop it? That's the question.

Well in theory any half-decent AV will detect it as soon as the file is saved to the HDD, i.e. before the file is actually executed. So yes, it will stop it. As you can see from one of my previous posts, MSE/Windows Defender does exactly that:

[screenshot: MSE/Windows Defender detection prompt]

That's what happens as soon as I execute the file.

If I used the default settings then it wouldn't even let me execute it, since it detects it as soon as I extract the EXE from the ZIP file.

If you're asking if the AVs will stop the malware from doing anything once it's already been executed, then no, the damage will already be done. That's why you shouldn't be relying on only anti-virus software.
 
If you're asking if the AVs will stop the malware from doing anything once it's already been executed, then no, the damage will already be done. That's why you shouldn't be relying on only anti-virus software.

Shouldn't a decent AV or Internet Security program put the virus/malware in quarantine once it's detected, so that it can't do what it's supposed to do?
 
Shouldn't a decent AV or Internet Security program put the virus/malware in quarantine once it's detected, so that it can't do what it's supposed to do?

Yeah, and if it's just a typical worm/adware they'll normally be able to do that. But with malware as severe as this, 9/10 times they'll either be able to protect their own process to such a degree that AVs can't touch them, or they'll contain code that'll actually kill the AV's own process and/or Windows service, therefore rendering the AV useless.

So, you either use Host Intrusion Prevention System (HIPS) software along with an AV (most AVs come with a basic level of HIPS nowadays), or you use some Sandboxing/Virtualisation software so that even if the AV fails, the malware can't do any real harm to the PC/network.
 
I hope GAF's servers aren't running/connected to anything that is vulnerable... but of course they aren't, right?

BTW I can recommend Sandboxie for general app containment, have used it for years (I think they still do the lifetime free upgrade deal).
 
I think my dad's laptop may have gotten infected with the malware, he just called me saying he can't get into his laptop and it's asking him for $300..
Sounds like the Police Virus. It's pretty easy to remove through command prompt. They ask for money and say they're the police and set a screen to run when Windows boots. It's ransomware, not actually the police.
 
Shouldn't a decent AV or Internet Security program put the virus/malware in quarantine once it's detected, so that it can't do what it's supposed to do?

Yes, but the problem is when it's detected.

Most anti virus programs out right now do detect the malware, but some (most?) of them don't catch it in real time, but when running a scan of files.

So Cryptolocker gets into your system, phones home with the key server, and encrypts your files.... at that point, it doesn't really matter if you clear it out with an anti-virus scan, your files are still encrypted, and the private key is still stored on a remote server designed to interface with Cryptolocker.
 
^ Yea, basically there are two things that can happen to a user faced with this:

1. AV catches it before it does anything. That or a sandboxing app presumably contains any damage. You're safe and your files are all okay.

2. It runs prior to an AV stopping it, encrypts your drive, and you're screwed. Only possible way out: pay up, restore a good backup, or reformat the drive.
 
So what happens if the cloud you use is Dropbox? Since Dropbox creates a folder on your HDD (it does right?) wouldn't this theoretically hit your Dropbox too? Same for Google Drive as well I think.
 
So what happens if the cloud you use is Dropbox? Since Dropbox creates a folder on your HDD (it does right?) wouldn't this theoretically hit your Dropbox too? Same for Google Drive as well I think.

It happened to a folder that I shared with a friend on dropbox. It locked everything in that folder. Now he is manually reverting the files back to a previous version. It sucks for all of us who have that folder.
 
We have confirmation that both Malwarebytes Antimalware Pro and Avast Free and Pro will stop CryptoLocker from running. My personal choice of the two is MBAM Pro but research on your own, AV Comparatives is a wonderful resource.
Awesome, have both running plus the useless MSE.
 
This made me look into File History that Livedrive cloud backup provides. They give you a history of 30 versions for each file...looks like I'm good!

I have however also decided to backup my Users folder to large external drive that I don't need anymore (have a bigger, USB 3.0 one now). I'll do that weekly/monthly and then unplug after every backup.

I can't remember the last time I got a virus/malicious software but at least now I feel more protected.
 
Will it conflict with kaspersky or trend micro if it's real time?

While some people here say it won't, I've read on other forums that it does for some people, not the combination you have, but with NIS and MB. But you can always start the MB Pro trial to see for yourself.
 
While some people here say it won't, I've read on other forums that it does for some people, not the combination you have, but with NIS and MB. But you can always start the MB Pro trial to see for yourself.

I already tried pro when I had MSE, they conflicted with each other
 
Damn, that is pretty nasty. But it works in such a heavy-handed way that any virus/malware protection should stop it. This is basically a warning for everyone who doesn't have proper protection (aka, not GAF). Still gonna suck when someone comes to me with it asking for help.

I guess this can mess up group files through a network? That'll probably screw over some people too.
 
What's amazing is that someone never thought to make a virus like this before. Careful what you download, GAF. You don't want this shit.

I've seen this before, in a somewhat different form. Here in the Netherlands we've had something which came to be known as "Politievirus" (police virus)
[screenshot: the Politievirus lock screen]

It made it look like the computer was remotely locked by the police, because illegal content (it mentions child pornography and bestiality) was detected on the hard drive. It asks the user to pay a 100 euro fine to make a deal, otherwise the case would be taken to court.
 
Hah, had a really ominous looking e-mail in my inbox this morning. Knew it was this pretty much immediately. Spam reported that crap.

My computer repair business gets ransomware like the "police virus" or the FBI one pretty regularly. Wonder how long it'll be before this one becomes the norm.
 
It happened to a folder that I shared with a friend on dropbox. It locked everything in that folder. Now he is manually reverting the files back to a previous version. It sucks for all of us who have that folder.

So Dropbox isn't an effective backup. Shit.
 
I've seen this before, in a somewhat different form. Here in the Netherlands we've had something which came to be known as "Politievirus" (police virus)
It made it look like the computer was remotely locked by the police, because illegal content (it mentions child pornography and bestiality) was detected on the hard drive. It asks the user to pay a 100 euro fine to make a deal, otherwise the case would be taken to court.
Didn't even know texeco was still around.
 
I've seen this before, in a somewhat different form. Here in the Netherlands we've had something which came to be known as "Politievirus" (police virus)
It made it look like the computer was remotely locked by the police, because illegal content (it mentions child pornography and bestiality) was detected on the hard drive. It asks the user to pay a 100 euro fine to make a deal, otherwise the case would be taken to court.

Ransomware is pretty common, the unique thing about Cryptolocker is you can't just ignore it and clean it out, because they really do encrypt all your files and the private key is stored remotely.
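The two posts above make the same point: once the files are encrypted, removing the malware does nothing, because the key that unlocks them was never on the victim's machine. The following is an added illustration of that key-handling model, written for this thread; it is not code from any poster or from a real sample. It stands in a toy hash-based stream cipher for the file cipher and a textbook RSA with fixed Mersenne primes for the operator's key pair (both assumptions, chosen only so the script runs offline with the standard library). The file data is constructed inline.

```python
"""
Toy model of the key handling described in the thread: one random file key
on the victim, wrapped with the operator's public key; the matching private
key only ever exists on the remote server. Constructed example, not code
from the thread or from any malware sample.
"""
import hashlib
import secrets
from typing import Dict, Tuple

# --- operator side (the "key server"): textbook RSA with toy parameters --------
# Assumption: two known Mersenne primes, picked so that n is larger than a
# 128-bit file key. Real deployments use proper key sizes; this is illustration.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent; never leaves the server

PUBLIC_KEY: Tuple[int, int] = (N, E)    # what the malware obtains when it phones home
PRIVATE_KEY: Tuple[int, int] = (N, D)   # what the victim never has


def rsa_wrap(file_key: bytes, public_key: Tuple[int, int]) -> int:
    """Wrap a 16-byte file key with the public key (textbook RSA, no padding)."""
    n, e = public_key
    m = int.from_bytes(file_key, "big")
    assert m < n, "file key must be smaller than the modulus"
    return pow(m, e, n)


def rsa_unwrap(wrapped: int, private_key: Tuple[int, int]) -> bytes:
    """Recover the file key; only possible with the private exponent."""
    n, d = private_key
    return pow(wrapped, d, n).to_bytes(16, "big")


# --- toy stream cipher: SHA-256(key || block offset) as keystream, XORed in -----
# Assumption: stands in for the real file cipher; encryption and decryption are
# the same operation.
def stream_xor(key: bytes, data: bytes) -> bytes:
    out = bytearray()
    for offset in range(0, len(data), 32):
        keystream = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        chunk = data[offset:offset + 32]
        out.extend(b ^ k for b, k in zip(chunk, keystream))
    return bytes(out)


def infect(files: Dict[str, bytes], public_key: Tuple[int, int]) -> Tuple[Dict[str, bytes], int]:
    """Victim side: generate one file key, encrypt every file with it, wrap the
    key with the operator's public key, and discard the plaintext key. After this
    returns, nothing on the victim can reproduce the plaintext."""
    file_key = secrets.token_bytes(16)
    encrypted = {name: stream_xor(file_key, data) for name, data in files.items()}
    wrapped_key = rsa_wrap(file_key, public_key)
    del file_key                        # "cleaning the malware" cannot recover this
    return encrypted, wrapped_key


def recover(encrypted: Dict[str, bytes], wrapped_key: int,
            private_key: Tuple[int, int]) -> Dict[str, bytes]:
    """Operator side: unwrap the file key with the private key and decrypt.
    This is the step the victim is being charged for."""
    file_key = rsa_unwrap(wrapped_key, private_key)
    return {name: stream_xor(file_key, data) for name, data in encrypted.items()}


def demo() -> bool:
    """Constructed victim files; returns True when the round trip through the
    operator's private key restores them exactly."""
    victim_files = {
        "thesis.docx": b"chapter one: constructed sample document text",
        "photos/cat.jpg": bytes(range(256)),
    }
    encrypted, wrapped = infect(victim_files, PUBLIC_KEY)
    ciphertext_differs = all(encrypted[k] != victim_files[k] for k in victim_files)
    recovered = recover(encrypted, wrapped, PRIVATE_KEY)
    return ciphertext_differs and recovered == victim_files


if __name__ == "__main__":
    print("round trip through the private key restores files:", demo())
```

The point the script makes is structural, not cryptographic: after `infect` returns, the victim holds only ciphertext and a wrapped key, and an AV scan that deletes the process afterwards changes neither. That is also why a synced Dropbox folder is not a backup here, the ciphertext simply syncs up, while file version history or an unplugged external drive still holds the plaintext.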
 
I am real-time protected by MSE and scan regularly with MBAM and Spybot. Is that enough? Or should I switch out MSE with Avast free edition? MSE will catch this BEFORE it executes, right?
 
I am real-time protected by MSE and scan regularly with MBAM and Spybot. Is that enough? Or should I switch out MSE with Avast free edition? MSE will catch this BEFORE it executes, right?

Hope so, it's the only protection I'm running now. I like it because it's so light and nonintrusive
 