joepwpb (Premium Member, join:2000-12-15, West Palm Beach, FL) to 85160670
2 edits

Re: U R infected ........, pay us $300 in Bitcoins

It seems that between Malwarebytes Pro and adjustments to Group Policy, as defined in the Bleeping Computer post, I should be able to thwart this menace. My problem is that I have no experience with Gpedit. Would someone like to post, or IM me, a quick and easy how-to for entering those Path Rules from the Bleeping Computer post?

Thanks

Joe P

UPDATE: I may have the answer to my request in that I stumbled upon a program called CryptoPrevent. It makes the following statement:

CryptoPrevent is based on the excellent prevention information from Grinler found here: »www.bleepingcomputer.com ··· ormation and will block the infection from executing

It can be found here:

»www.foolishit.com/vb6-pr ··· prevent/

Has anyone seen this or tried this yet??

seaman (Premium Member, join:2000-12-08, Seattle, WA)
joepwpb, thanks for posting this tool. I imaged my sys drive and installed it this morning.

Question to anyone- does running MBAM Pro realtime component conflict with AV such as Avira, Eset or NAV?

TheJoker (MVM, join:2001-04-26, Charlottesville, VA)

said by seaman:

Question to anyone- does running MBAM Pro realtime component conflict with AV such as Avira, Eset or NAV?

No, it shouldn't conflict, as it's an antimalware program, not an antivirus program. Some security programs' install routines will detect it and not install unless MBAM is first removed, but simply reinstalling MBAM after the other security software is installed will fix the problem.

seaman (Premium Member, join:2000-12-08, Seattle, WA)

Thanks for the info TheJoker!

angussf (Premium Member, join:2002-01-11, Tucson, AZ) to joepwpb
1 recommendation

said by joepwpb:

Has anyone seen this or tried this yet??

Yes, I implemented Software Policy Restrictions on my home box, which has Windows 7 Pro and therefore allows secpol.msc to be run. Click Start, Run, type "secpol.msc" and press [Enter] to start this process. Add new path restrictions under "Software Restriction Policies" -> "Additional Rules" by right-clicking "Additional Rules" and choosing "New Path Rule".

I blocked %AppData%\*.exe, %AppData%\*\*.exe, and four %Temp%\XXX\*.exe where XXX was *.zip, 7z*, Rar*, and wz*. When I rebooted, this immediately broke Cubby, Dropbox, and LogMeIn's Firefox module, so I had to explicitly allow those .exes.

For most home users this won't work - home versions of Vista and Windows 7 don't support SRPs.
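
The path-rule setup angussf walks through in secpol.msc can also be written straight into the SAFER registry keys that psloss mentions, which is how it can reach the SKUs that lack the GUI. The script below is an added example for this thread; it is not code from the thread, from CryptoPrevent, or from Microsoft. It assumes the Software Restriction Policy registry layout HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\<level>\Paths\<guid>, where level 0 is Disallowed and 262144 (0x40000) is Unrestricted, and that each rule key carries an ItemData (REG_EXPAND_SZ) pattern and a SaferFlags DWORD. The allow-rule path for a sync client is a placeholder standing in for the Cubby/Dropbox/LogMeIn executables angussf had to exempt. Run it from an elevated PowerShell prompt; the rules apply at the next logon or reboot, and the listing function at the end lets you confirm what was written before you restart.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread, CryptoPrevent, or Microsoft): write the
# SRP path rules from angussf's post directly to the SAFER registry keys.
# Assumed layout: ...\Safer\CodeIdentifiers\<level>\Paths\<guid> with
# ItemData (REG_EXPAND_SZ) and SaferFlags (DWORD), level 0 = Disallowed,
# 262144 (0x40000) = Unrestricted.

$Safer        = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$Disallowed   = 0
$Unrestricted = 262144

function Initialize-SaferRoot {
    # Only seed the root values when SRP has never been configured on this box,
    # so an existing secpol.msc configuration is left untouched.
    if (Test-Path $Safer) { return }
    New-Item -Path $Safer -Force | Out-Null
    # Default level Unrestricted: only the explicit rules below block anything.
    New-ItemProperty -Path $Safer -Name 'DefaultLevel'       -Value $Unrestricted -PropertyType DWord -Force | Out-Null
    # 1 = enforce for all software except DLLs/libraries (the gpedit default).
    New-ItemProperty -Path $Safer -Name 'TransparentEnabled' -Value 1 -PropertyType DWord -Force | Out-Null
    # 0 = apply to all users, including administrators.
    New-ItemProperty -Path $Safer -Name 'PolicyScope'        -Value 0 -PropertyType DWord -Force | Out-Null
}

function Add-SaferPathRule {
    param(
        [Parameter(Mandatory=$true)][string]$Path,    # pattern; %AppData%, %Temp% allowed
        [Parameter(Mandatory=$true)][int]$Level,      # $Disallowed or $Unrestricted
        [string]$Description = ''
    )
    $guid = '{' + [guid]::NewGuid().ToString() + '}'
    $key  = Join-Path $Safer "$Level\Paths\$guid"
    New-Item -Path $key -Force | Out-Null
    # ExpandString so %AppData% / %Temp% resolve per user at evaluation time.
    New-ItemProperty -Path $key -Name 'ItemData'    -Value $Path        -PropertyType ExpandString -Force | Out-Null
    New-ItemProperty -Path $key -Name 'SaferFlags'  -Value 0            -PropertyType DWord        -Force | Out-Null
    New-ItemProperty -Path $key -Name 'Description' -Value $Description -PropertyType String       -Force | Out-Null
    return $guid
}

function Get-SaferPathRules {
    # Read back every path rule so the result can be checked before rebooting.
    foreach ($level in @($Disallowed, $Unrestricted)) {
        $paths = Join-Path $Safer "$level\Paths"
        if (-not (Test-Path $paths)) { continue }
        Get-ChildItem -Path $paths | ForEach-Object {
            $p = Get-ItemProperty -Path $_.PSPath
            [pscustomobject]@{
                Level       = if ($level -eq $Disallowed) { 'Disallowed' } else { 'Unrestricted' }
                Path        = $p.ItemData
                Description = $p.Description
                Rule        = $_.PSChildName
            }
        }
    }
}

Initialize-SaferRoot

# The six block rules from angussf's post: %AppData%\*.exe, %AppData%\*\*.exe,
# and *.exe under archive-extraction folders in %Temp% (*.zip, 7z*, Rar*, wz*).
$blockRules = @(
    '%AppData%\*.exe',
    '%AppData%\*\*.exe',
    '%Temp%\*.zip\*.exe',
    '%Temp%\7z*\*.exe',
    '%Temp%\Rar*\*.exe',
    '%Temp%\wz*\*.exe'
)
foreach ($rule in $blockRules) {
    Add-SaferPathRule -Path $rule -Level $Disallowed -Description 'Block executables launched from user-writable temp/AppData paths' | Out-Null
}

# Explicit allow for a legitimate client that lives under %AppData%. SRP applies
# the most specific matching rule, so this Unrestricted entry wins over the
# broad %AppData%\*\*.exe block. The path is a PLACEHOLDER; substitute the real
# executable of the sync/remote-access client you use.
Add-SaferPathRule -Path '%AppData%\ExampleSync\ExampleSync.exe' -Level $Unrestricted -Description 'Placeholder allow rule for a trusted AppData-resident client' | Out-Null

# Verify what was written; rules take effect at next logon/reboot.
Get-SaferPathRules | Format-Table -AutoSize
```

Keep the block rules to *.exe patterns as shown, since SRP always evaluates .exe regardless of the ExecutableTypes list, and add one Unrestricted rule per legitimate AppData-resident program rather than widening the Disallowed patterns; that preserves the protection angussf describes while avoiding the breakage he hit with Cubby, Dropbox and LogMeIn.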

psloss (Premium Member, join:2002-02-24)

said by angussf:

For most home users this won't work - home versions of Vista and Windows 7 don't support SRPs.

Yes and no -- there's no GUI, but most of the plumbing is there on other SKUs. The aforementioned CryptoPrevent appears to be generating the SAFER entries in the Registry on Win7 Starter, and the system appears to be generating what looks like an SRP alert to me when I exercise one of them.