Don't get this virus CryptoLocker

Seems like it’s just going to remove the virus. If it really could recover the files I think they would be making a bigger deal about it.

Yea I don’t see anywhere that mentions deblocker for the cryptovirus.

JayS corp amex and dispute charges or follow reddit and complain to the company that processes the payment.

I’m surprised that paying is still working. Figured the payment processing would have been shut down by now.

It’s odd that people still get this when it’s mostly going around as an email attachment and is less likely to be generated on the fly and easier for signature detection.

THIS.

Sorry I forgot to update you guys, the $300 ransom worked. Symantec gave a fit despite having allowed infection in the first place, but once my guys sorted that out it was smooth sailing. We got lucky it didn’t encrypt any network volumes or externals. The admin that originally told me about this many weeks ago has a user today that got hit and it scrambled their net shares. They don’t have incremental backups so…

Free service Deblocker helps to:
delete/remove banner from Desktop,
unlock Windows,
restore access to encrypted files without sending an SMS message.

Says it right on the page…

The few attacks that we saw were not being caught by a/v.

AV doesn’t work durrrr

I can take a metasploit payload, which is the most easily detectable thing, and make no AV pick it up, which highlights a much larger issue.

What kinda booze do you drink? I’ll stock up.

Not sure if you’re mocking me or not, but I wasn’t disagreeing… You don’t have to tell me that A/V doesn’t work. You said it should be easier for sig based detection since it’s mostly static executables. I was confirming that even though it SHOULD be easier, 2 major vendors were missing it…

So maybe you can tone down the condescension?

I wasn’t trying to be condescending you sure have a sandy vagina.

My durrrr was mocking the AV industry, not you :lol:

I don’t think he was directing that at you. Durrrr is Symantec’s middle name.

Annnnnd…another one bites the dust. When you open an email notification about pending voicemail and it’s a .zip containing an application…you’re gonna have a bad time.

Time to make another nas box and copy all my crap from one nas box to the other and unplug it :slight_smile:

I get blasted with at least 20 of these type of emails a day…I just laugh at them now, silly spammers.

I have a user base that can’t seem to grasp the warning signs for whatever reason. Fuck it, they can pay the $300 or they can have me restore their 2 month old image I took when I migrated their laptop to Windows 7. I guess I should be glad they made it 2 months. LOL

Apparently CryptoLocker is trying to install via these emails, specifically the “You need to change your outlook settings” one.

http://img.photobucket.com/albums/v398/Thorguitarist/phisihing-outlook_zps210cdda3.jpg~original

That is another smart idea: if the zip file has a password, AV will ignore it.

Did not know this. I pick up so many lil tidbits through talking to you. :slight_smile:

And it seems I have a different infection on tap today…a student assistant updated java for a user using a download from an external source. SMRT

A/V can’t scan inside a zip if it doesn’t have the password to open the zip… Indeed a good idea, but I bet the password protection decreases the number of clicks. Better than no clicks though.
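An added example, not part of the thread: a mail-gateway style check for the case discussed above, where a scanner cannot open a password-protected zip. It relies on the fact that standard zip encryption leaves entry names and the per-entry encrypted flag readable without the password; the extension list, the verdict strings and the function names are assumptions for illustration, and the sample archives are constructed in memory.

```python
import io
import zipfile

# Assumed policy list of executable extensions; adjust to local policy.
RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".js", ".vbs", ".bat", ".cmd")


def inspect_zip(data: bytes) -> dict:
    """Classify a zip attachment without needing its password."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return {"verdict": "quarantine", "reason": "not a readable zip",
                "encrypted": [], "risky": []}
    with zf:
        infos = zf.infolist()
        # Bit 0 of the general-purpose flags marks an entry as encrypted.
        encrypted = [i.filename for i in infos if i.flag_bits & 0x1]
        # Entry names sit in clear text in the central directory even
        # when the entry content itself is encrypted.
        risky = [i.filename for i in infos
                 if i.filename.lower().endswith(RISKY_EXT)]
    if risky:
        verdict, reason = "quarantine", "executable inside archive"
    elif encrypted:
        verdict, reason = "quarantine", "encrypted content cannot be scanned"
    else:
        verdict, reason = "scan", "contents readable by scanner"
    return {"verdict": verdict, "reason": reason,
            "encrypted": encrypted, "risky": risky}


def make_sample(name: str, encrypted: bool) -> bytes:
    """Build a constructed one-entry archive; optionally set the encrypted bit."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, b"constructed sample data")
    raw = bytearray(buf.getvalue())
    if encrypted:
        raw[6] |= 0x1                    # flags field of the local file header
        cd = raw.find(b"PK\x01\x02")     # central directory header
        raw[cd + 8] |= 0x1               # flags field of the central directory
    return bytes(raw)


if __name__ == "__main__":
    for name, enc in [("voicemail.exe", True), ("notes.txt", True), ("notes.txt", False)]:
        print(name, enc, inspect_zip(make_sample(name, enc)))
```

The point for a filter is that "cannot scan" does not mean "cannot decide": an encrypted entry or an application name inside the archive is enough to hold the message.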