Main Area and Open Discussion > General Software Discussion

CryptoLocker and CryptoPrevent

<< < (4/6) > >>

tomos:
Do I have to get the paid version of HitmanPro?
-bit (November 21, 2013, 11:41 PM)
--- End quote ---
-
according to the post above yours: no

Hitman Pro is anti-malware - costs $
The naming is confusing - they have HitmanPro.Alert and Cryptoguard which I think are the same thing (free).

from paulobrabo's link above:
When the above alert is displayed, the malicious process is neutralized. It can no longer harm your files.

To remove the malicious code from your computer you click on the Scan with HitmanPro button which will automatically download the HitmanPro anti-malware application (if not already installed on your computer).

HitmanPro will scan your computer for malicious programs and allows you to remove them.
--- End quote ---
-
the CryptoGuard thingy from Hitman is free - as a free app, I'd imagine it does not auto-update, but I dont know.

paulobrabo:
Indeed, the naming is confusing, but no – you don't have to have HitmanPro (which costs money) to have your files protected by HitmanPro.Alert (free). Alert will not clean your computer from infection (you may have to use another program for that, say Malwarebytes Free/Pro), but it won't let your files be encrypted, actually stopping the infection before it can do any harm.

As for updates, as Alert is behavior based and not signature based, that shouldn't be a big problem. From the website, about HitmanPro.Alert:


* Future proof technology does not rely on malware signatures.
* Compatible with all antivirus programs and runs alongside any other security software.

mwb1100:
I think it may be helpful to see what has or has not detected at least one variant of Cryptolocker:

  - https://www.virustotal.com/en/file/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9/analysis/

It looks like most of the well known anti-malware detect it.  However, I'm sure the slime creating this work constantly to have variants that slip past detection.

bit:
I just got the paid version of CryptoPrevent.

By the way, here's a head's-up on an attempted phishing attack.
I recently received an expertly-presented email spoofing Paypal, with perfectly imitated graphics-intensive letterhead just like Paypal, and full of hyperlinks to various sub-departments.
It said my account had encountered suspicious activity, a 'Paypal Identity Issue', with case serial number, and that my access to Paypal was being restricted until I could clear this up.
I was then instructed to reply to the email, and give my correct user name, password, credit card and bank info, mother's maiden name, and a host of other critical details.
It was a disaster-in-the-making, a rat trap waiting to be sprung by me, the unsuspecting target.
I did NOT click on any links in the email, but instead went to my browser and logged into Paypal with no problem whatsoever.
Curiously, I was still 'in denial' and trying to convince myself that this was actually happening.
I found Paypal's email address for reporting 'spoofs', which is appropriately named <[email protected]> and forwarded the email, and a second one sent to me by the scam artists as a 'reminder'.
Paypal sent back a notice a day later that it was indeed a phishing attempt.
That @#$&* phishing email looked exactly like a Paypal graphics letterhead, so authentic it was amazing.
So beware and be aware, "they're out there".
Reminder: Paypal will never ask you for your critical info like credit card number, bank account number, your mother's maiden name, Paypal log-in password and so on, by email.
If they do, they ain't Paypal and it's probably a phishing rat-trap waiting for you to spring it on yourself.

wraith808:
One thing that I do want to remind people of that are in the same position as bit- with an authentic looking e-mail from their financial institution:

A little bit of convenience is not worth a whole lot of heartache.

Even with official e-mails and such, I never use the links in the e-mail.  Anything that you find in the email should be findable if you go to the site yourself and login.  Most financial institutions have a secure internal messaging system- the one that you receive by your e-mail is in general just a backup from what I've seen.  Look for the alert there in your messages.  Sometimes it even in the banner when you sign in- that's if you need to do anything.  Especially in relation to some problem with your account.  Worst case- call.  But don't get in the habit of clicking links to financial institutions I think is the best advice towards phishing that can be given.

Navigation

[0] Message Index

[#] Next page

[*] Previous page