Well, I need to have some sort of protection on there for spyware and anti virus. It’s better than having nothing right?
Just run Microsoft Security Essentials, it's free.
I was just explaining there isn’t an end-all for antivirus/spyware protection.
You’re also much better off not using Internet Explorer and using Chrome.
I use FF most of the time. Never use IE.
Avast is ranking pretty high on detection right now. I think MSE has been slacking off a bit.
We just got hit with a phishing attack that contained the above (CryptoLocker). Good times ahead. LOL
Any of you guys see this in the wild? I was warned about it a few weeks back.
^Damn that looks scary. As LZ said run the EMET tool. Wondering if the DEP portion takes care of this?
If you want to install Avast (which is what I’m using), download from this link: http://www.avast.com/get/TRKxgoo2
If I get a certain number of installs, it bumps up to Avast Internet Security for 1 year. Remember to remove previous versions of your A/V before installing a new one.
Spent all day dealing with CryptoLocker. It’s really fun when you have multiple shared network drives mounted to the machine. We are seeing whole directories on shared network resources being completely encrypted and fucked…fml, not getting any sleep anytime soon.
All started with a malicious email attachment. A .zip with a .exe in it that is masquerading as a PDF (thumbnail shows PDF once extracted). Exactly the same behaviors as above link. Luckily it’s easy to identify on machines but it’s still a brutal mess.
Motherfuckers really need to stop clicking on shit!
UGGG fuck. It encrypted your mapped drives? I’m not sure whether we got hit there or not at this point. The one user was at home so that should be a no, the other one was an internal tower so…
AV have been lagging on this gem. Really it comes down to the users being smart enough to not click stupid shit…which is a near impossibility it seems. 8/
Yep, any drive that is mapped and is writable will be fucked
We’re having to restore from backup and mount read-only until this is under control…
Bummer. You don’t have incremental backups on the mapped shares? I’ll update when I hear whether paying the ransom worked or not, I suspect it will.
See other thread :-p
Fucking thanks a lot, now I have to update 2 threads.
EMET Tool 4.1 out
Change your eBay passwords:
Looks like Malwarebytes is rolling out their own EMET-type tool. Has a free and paid version:
http://blog.malwarebytes.org/news/2014/06/introducing-malwarebytes-anti-exploit/
Any of you enterprise guys using AppLocker via GPO?
Nope, never heard of it honestly. Just deny users from installing software (usually) only to the %programfiles% folder. SCCM for program distribution.