Just a quick warning for d7 users running on Windows 8 and 8.1 – dCloud and FTP uploads from these operating systems may fail and corrupt the upload. Areas affected: FTP uploads using the internal FTP client; FTP uploading of your reports to PCRT; dCloud configuration uploads; dCloud definition merge. On a personal level, I had no issues from Windows 8, but 8.1 definitely corrupts the uploads for me. I would say it is something about...
First on the list is protection from executables running from inside the Recycle Bin – you know that pesky type of malware that likes to hide in nested subfolders in there… Protected. Next on the list is the new optional CryptoPrevent Automatic Updates service for home users! ’nuff said.
Changes in v2.6: Implemented protection (and whitelisting) for *.com, *.scr and *.pif files in addition to *.exe for %appdata% directories in order to block a lot more malware than just Cryptolocker. Why not!? Added new file extensions to the fake file extension protection. Implemented a 12-second timer to stop waiting on group policy to refresh when applying actions, as it was noted on some systems that gpupdate seems to freeze up. Hopefully this will...
http://www.youtube.com/watch?v=VchceUk2jks Tune in and check out the entire show, it’s a good one. If you’re just interested in me saying “umm” a lot then tune to the 59:00 minute mark. 🙂
CryptoPrevent v2.5 has just been released with a few changes, including a new layer of protection against malicious software. How often have you seen executable trojan droppers for malware disguised as a document? If you have any experience in the field, the answer should be FREQUENTLY. This particular tactic of malware relies on the fact that file extensions are hidden in Windows by default, so most users will see the normal icon and a filename...
Recent changes: v2.4 – implemented the option to check for updates direct from this website within the application itself. v2.3 – relaxed protection methods on Vista+ OSes as rules of prior versions were blocking some executables running from %temp% directories which could cause certain application installations to fail unless you temporarily removed protection during the installation. This should no longer be necessary. Tested relaxed protection against Cryptolocker to ensure it still cannot infect the OS,...
There’s a lot of buzz revolving around my last new utility, CryptoPrevent, and there are a lot of sharp folks out there who prefer to examine the file hashes of their downloads (especially with software of this type) to ensure that the download is actually what it is supposed to be, and not a corrupted or infected replacement. For this purpose, I’ve introduced QuickHash, a tiny utility to quickly examine a file’s hashes (MD5, SHA1,...
After being tested on some systems, the protection wasn’t working for temporarily extracted executables from archive files. What I discovered was in software protection policies, the %temp% environment variable simply wasn’t expanding as expected. It is a complete MYSTERY to me why it works with %appdata% and not %temp%. Thanks for the unpredictable behavior, Microsoft! Note that CryptoPrevent’s internal test function only tests for the protection in %appdata% so it would succeed once properly applied,...
v2.0.1 of my Cryptolocker prevention utility has been released with new whitelisting capabilities and command line parameters for scripting! UPDATE: v2.0 had a bug in the whitelisting component which didn’t work on some systems; it is fixed in v2.0.1 and is tested on all platforms. https://www.d7xtech.com/cryptoprevent-malware-prevention/ New functionality: Automatically whitelist all EXEs currently located in %appdata% / %localappdata% and their first level subdirectories. Whitelist editor where you can view existing whitelisted items, and whitelist individual EXEs...
With all this mess about Cryptolocker going around, a lot of folks are looking to immunize themselves from this nasty bit of malware which will encrypt user files and hold them for ransom. Removal of the malware is easy with d7, but there is no known method to decrypt the files except by paying the ransom, so prevention is crucial. There is a Cryptolocker Prevention Kit here: http://msmvps.com/blogs/bradley/archive/2013/10/15/cryptolocker-prevention-kit.aspx; however, the kit is for domains and professional...