This Ransomware Virus

Discussion in 'Operating Systems' started by Rich_Guy, May 13, 2017.

  1. Rich_Guy

    I've updated Defender, but I've not had any updates for my Win 7 since they changed 'em to the Win 10's way, so I downloaded this one from the catalogue: March, 2017 Security Only Quality Update for Windows 7 for x64-based Systems (KB4012212), which I got from here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx, via the Win 7 64bit SP1 (4012212) Security Only link down in the 'Affected Software' list.

    Is that the right one I need to install? (There's another one underneath it called March, 2017 Security Only Quality Update for Windows 7 (KB4012212), which is only 18.8 MB, but I'm guessing that's for 32-bit.)

    Thanks.
     
  2. Extraordinary

  3. Rich_Guy

    I've got the right one then, cheers Extraordinary, I'll get it installed! :D
     
  4. Extraordinary


  5. Rich_Guy

    Yeah not got the Monthly Rollup, thanks again :)

    EDIT! And she's in! :D
     
    Last edited: May 13, 2017
  6. Extraordinary

    At the bottom of the reddit comments was the same KB :)

    You can go click random exes to your heart's content now :D
     
  7. Rich_Guy

  8. seahateme

    :) I encountered the same problem several days too.
     
  9. Ghosty

    Disable Defender in group policy? Problem solved.
     
  10. AsiJu

    On a related matter I've now got the "Edge redirect" malware twice!

    It will randomly open a new tab when clicking a link, redirecting usually to an ad site. Neither Defender nor MalwareBytes, AdCleaner etc. have been able to remove it!

    Only way was to delete my user account and re-create it to make sure all Edge related files were gone. Sheesh...
     

  11. KissSh0t

    Are there any unusual running services?
     
  12. Clouseau

  13. AsiJu

    Nope, services and processes as usual, as were scheduled tasks.

    Tried that and it didn't help, the issue recurred after restoring Edge. Guess it's some small file hidden deep within the Edge libraries that doesn't get removed.

    Deleting the user account has worked both times. It takes a while to set everything up again, but thankfully installed programs remain as there's another account on the PC (from within which I deleted my account).

    And yes, before you ask I was searching for a crack... hint: do not mount and run any .iso files claiming to be something even if AV scan shows them as clean :p

    So I do know very well how I got the malware and can avoid it. Just a bit worrisome that no AV or AM seems to detect it.

    It seems these .iso files contain an installer which claims to install a download searcher but in fact installs the adware.
    I knew the files were fishy but tried anyway, thinking Defender or Malwarebytes would intercept possible malware. Nope.
     
  14. CrazY_Milojko

    Did you try HitmanPro? Upon start choose: One time use... (something like that) and register via mail (real or fake, doesn't matter). Great all-around malware cleaner, even in the free version.
     
  15. AsiJu

    ^ that too and a fourth one. They did find something but apparently failed to delete the bugger.

    Lesson learned, I wanted the crack temporarily as the trial for said software had expired. I can access a legit version via my work laptop via VPN for home work.

    The software just runs so much faster on my desktop so installed the trial version.

    In theory I should be able to install a local copy on my desktop and borrow a license, but that depends on how the license server is configured and whether the work IT guys are willing to allow my PC remote access to the license server.
     

  16. CrazY_Milojko

    ^^^^ The malware you've got has probably integrated itself deeply into the OS, I've seen that a few times. For tough mofos like that, one great solution is to use Kaspersky Rescue Disk 10, a bootable Linux-like Kaspersky anti-malware tool for search & destroy of all kinds of malware that are deeply integrated into the main OS located on the HDD. This great piece of software has more than a few times saved the asses of my friends when dozens of AV and other anti-malware tools were completely useless against a few aggressive malwares. With Kaspersky Rescue Disk 10, malware can't defend itself, no way to mask or hide... And it's free.
     
  17. AsiJu

    ^ thanks! Think I'll give it a shot now just to be sure.
     
  18. CrazY_Milojko

    Right after the boot, make sure to update KRD10's malware definitions base first, online of course; when it's done, check every single HDD/SSD partition on the infected machine and do a full scan. Without the latest malware definition base it's not much use against the latest malware.

    I've seen a few times that KRD10 couldn't make use of the integrated LAN card, so I had to use a PCI LAN card or move the infected HDD to some older-generation PC, boot KRD10 on that rig where the LAN card is recognized by KRD10, update its base and kill the f**ker using that older rig.

    My two cents..
     
  19. toronto699

    Last edited: May 26, 2017
  20. Sabbath

