This Ransomware Virus

Discussion in 'Operating Systems' started by Rich_Guy, May 13, 2017.

  1. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,709
    Likes Received:
    679
    GPU:
    MSI 2070S X-Trio
    I've updated Defender, but I've not had any updates for my Win 7 since they changed 'em to the Win 10 way, so downloaded this one from the catalogue: March, 2017 Security Only Quality Update for Windows 7 for x64-based Systems (KB4012212), which I got from here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx, via the "Win 7 64bit SP1 (4012212) Security Only" link down in the 'Affected Software' list.

    Is that the right one I need to install? (As there's another one underneath it called March, 2017 Security Only Quality Update for Windows 7 (KB4012212), which is only 18.8mb, but I'm guessing that's for 32bit.)

    Thanks.
     
  2. Extraordinary

    Extraordinary Ancient Guru

    Messages:
    19,562
    Likes Received:
    1,629
    GPU:
    ROG Strix 1080 OC
  3. Rich_Guy

    Rich_Guy Ancient Guru

    I've got the right one then, cheers Extraordinary, I'll get it installed! :D
     
  4. Extraordinary

    Extraordinary Ancient Guru


  5. Rich_Guy

    Rich_Guy Ancient Guru

    Yeah, not got the Monthly Rollup, thanks again :)

    EDIT! And she's in! :D
     
    Last edited: May 13, 2017
  6. Extraordinary

    Extraordinary Ancient Guru

    At the bottom of the Reddit comments was the same KB :)

    You can go click random exes to your heart's content now :D
     
  7. Rich_Guy

    Rich_Guy Ancient Guru

  8. seahateme

    seahateme New Member

    Messages:
    1
    Likes Received:
    0
    GPU:
    RipjawsZ 4x4GB
    :) I encountered the same problem several days too.
     
  9. Ghosty

    Ghosty Ancient Guru

    Messages:
    6,207
    Likes Received:
    327
    GPU:
    AMD Radeon Graphics
    Disable Defender in group policy? Problem solved.
     
  10. AsiJu

    AsiJu Ancient Guru

    Messages:
    7,649
    Likes Received:
    2,518
    GPU:
    MSI 6800XT GamingX
    On a related matter I've now got the "Edge redirect" malware twice!

    It will randomly open a new tab when clicking a link, redirecting usually to an ad site. Neither Defender nor MalwareBytes, AdCleaner etc. have been able to remove it!

    Only way was to delete my user account and re-create it to make sure all Edge related files were gone. Sheesh...
     

  11. KissSh0t

    KissSh0t Ancient Guru

    Messages:
    10,100
    Likes Received:
    3,938
    GPU:
    ASUS RX 470 Strix
    Are there any unusual running services?
     
  12. Clouseau

    Clouseau Ancient Guru

    Messages:
    2,734
    Likes Received:
    429
    GPU:
    ZOTAC AMP RTX 3070
  13. AsiJu

    AsiJu Ancient Guru

    Nope, services and processes as usual, as were scheduled tasks.

    Tried that and didn't help, the issue recurred after restoring Edge. Guess it's some small file hidden deep within Edge libraries that doesn't get removed.

    Deleting user account has worked both times. Takes a while to re-setup everything but thankfully installed programs remain as there's another account on the PC (from within which I deleted my account).

    And yes, before you ask I was searching for a crack... hint: do not mount and run any .iso files claiming to be something even if AV scan shows them as clean :p

    So I do know very well how I got the malware and can avoid it. Just a bit worrisome no AV or AM seem to detect it.

    It seems these .iso files contain an installer which claims to install a download searcher but in fact installs the adware.
    I knew the files were fishy but tried anyway, thinking Defender or Malwarebytes will intercept possible malware. Nope.
     
  14. CrazY_Milojko

    CrazY_Milojko Ancient Guru

    Messages:
    2,428
    Likes Received:
    988
    GPU:
    Asus STRIX 1070 OC
    Did you try HitmanPro? Upon start choose: One time use... (something like that) and register via mail (real or fake, doesn't matter). Great all-around malware cleaner, even in free version.
     
  15. AsiJu

    AsiJu Ancient Guru

    ^ that too and a fourth one. They did find something but apparently failed to delete the bugger.

    Lesson learned, I wanted the crack temporarily as the trial for said software had expired. I can access a legit version via my work laptop via VPN for home work.

    The software just runs so much faster on my desktop so installed the trial version.

    In theory I should be able to install a local copy on my desktop and borrow a license, but that depends on how the license server is configured and whether the work IT guys are willing to allow my PC remote access to the license server.
     

  16. CrazY_Milojko

    CrazY_Milojko Ancient Guru

    ^^^^ Probably the malware you've got integrated itself deeply into the OS, saw that a few times. For tough mofos like that, one great solution is to use Kaspersky Rescue Disk 10, a bootable Linux-like Kaspersky anti-malware tool for search & destroy of all kinds of malware that are deeply integrated into the main OS located on the HDD. This great piece of software has more than a few times saved the asses of my friends when dozens of AV and other anti-malware tools were completely useless against a few aggressive malwares. With Kaspersky Rescue Disk 10 malware can't defend itself, no way to mask or hide... And it's free.
     
  17. AsiJu

    AsiJu Ancient Guru

    ^ thanks! Think I'll give it a shot now just to be sure.
     
  18. CrazY_Milojko

    CrazY_Milojko Ancient Guru

    Right after the boot make sure to update KRD10's malware definitions base first, online of course; when it's done, check every single HDD/SSD partition on the infected machine and do a full scan. Without the latest malware definition base it's not much use against the latest malware.

    I saw a few times that KRD10 couldn't make use of the integrated LAN card, so I had to use a PCI LAN card or move the infected HDD to some older-generation PC, boot KRD10 on that rig where the LAN card is recognized by KRD10, update its base and kill the f**ker using that older rig.

    My two cents..
     
  19. toronto699

    toronto699 Member

    Messages:
    41
    Likes Received:
    0
    GPU:
    asus GTX660
    Last edited: May 26, 2017
  20. Sabbath

    Sabbath Maha Guru

    Messages:
    1,017
    Likes Received:
    39
    GPU:
    RTX 2080 Super
