Author Topic: CryptoLocker detection?  (Read 4237 times)

Offline Syl

  • Comodo's Hero
  • *****
  • Posts: 540
CryptoLocker detection?
« on: October 17, 2013, 06:26:10 PM »
I was wondering if CIS was able to detect CryptoLocker, since other antivirus have trouble with it.

Here is a reddit post explaning what it is.
Be careful to not click on the exe inside the post, since it's the virus.

http://www.reddit.com/r/sysadmin/comments/1mizfx/proper_care_feeding_of_your_cryptolocker/

Offline Qiuhui.Wang

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 2111
Re: CryptoLocker detection?
« Reply #1 on: October 17, 2013, 06:55:27 PM »
Hi Syl ,

Thanks for reporting.
Could you please submit the detected file at
http://internetsecurity.comodo.com/submit.php.

Regards
Qiuhui.Wang

Offline Syl

  • Comodo's Hero
  • *****
  • Posts: 540
Re: CryptoLocker detection?
« Reply #2 on: October 17, 2013, 08:00:55 PM »
so... you want me to download the virus on my computer, then upload it with your form?
That would be a stupid move, I don't download this rubbish*.

Offline Chiron

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11951
Re: CryptoLocker detection?
« Reply #3 on: October 17, 2013, 08:12:34 PM »
I downloaded it from that site and CIS detected it as malware.

Offline Qiuhui.Wang

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 2111
Re: CryptoLocker detection?
« Reply #4 on: October 17, 2013, 08:18:35 PM »
I haven't found the sample link in this article。

About the sample in this article CryptoLocker (Trojan:Win32/Crilock.A)  Sample SHA1: 65559245709fe98052eb284577f1fd61c01ad20d, CIS have detected.
« Last Edit: October 17, 2013, 08:22:58 PM by Qiuhui.Wang »

Offline Chiron

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11951
Re: CryptoLocker detection?
« Reply #5 on: October 17, 2013, 09:00:59 PM »
Qiuhui.Wang, I have sent you a PM with the link provided in the original article.

Offline Qiuhui.Wang

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 2111
Re: CryptoLocker detection?
« Reply #6 on: October 17, 2013, 09:34:28 PM »
About file <name:1002.exe> <SHA1:1ccb7703f1862f76ba0992d16cf5478e6562314f>

this is normal file.

Offline Syl

  • Comodo's Hero
  • *****
  • Posts: 540
Re: CryptoLocker detection?
« Reply #7 on: October 18, 2013, 06:13:29 AM »
thanks for the update.

Offline Cavehomme

  • Comodo's Hero
  • *****
  • Posts: 395
Re: CryptoLocker detection?
« Reply #8 on: October 25, 2013, 09:24:32 AM »
Any updates on CIS and CryptoLocker? This is a very nasty piece of malware, would the CIS sandbox stop it from executing or not?

Offline Kreynolds15

  • Newbie
  • *
  • Posts: 5
Re: CryptoLocker detection? - CIS Ensures 100% Immunity!
« Reply #9 on: October 25, 2013, 06:34:09 PM »
CIS protects users from CryptoLocker - you are 100% immune when browsing through the CIS browsing feature. This blog post explains it all, plus what to do if you're already infected.
 
http://blogs.comodo.com/pc-security/cryptolocker-virus-best-practices-to-ensure-100-immunity/

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek