

Windows 7: New Trojan Malware Encrypts All Files, Demands Ransom


17 Mar 2013   #1

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 
New Trojan Malware Encrypts All Files, Demands Ransom

Quote:
Russian anti-virus company Doctor Web is warning users of an active ransomware campaign executed through brute force attack via the RDP protocol on target machines.

Once connected to the attacked PC, cyber-criminals launch a variant of the ArchiveLock Trojan, which uses the archiver WinRAR to encrypt files.
Source

A Guy



17 Mar 2013   #2

Win 7 Home Premium SP1 32 bit
 
 

Thanks for posting.
20 Mar 2013   #3

Windows 7 Home Premium 64-bit SP1
 
 

Now that's new, thanks for posting.


20 Mar 2013   #4

Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit
 
 

Dr Web found this in Aug 2012 but now it is showing up a lot more. I assume that by not allowing Remote Desktop connections they can't get in, and by now I would think that AV software would pick this up. But the article doesn't say much about it.


Jim
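
A way to check the point raised in post #4 on a given machine, as an added example that is not part of the original thread: the PowerShell below reads the standard Terminal Services registry values to report whether Remote Desktop accepts connections and whether Network Level Authentication is required, then groups failed logons (Security event 4625) by source address. The function names are made up for this example; it assumes an elevated prompt, and 4625 events exist only where auditing of logon failures is enabled.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# Function names are hypothetical; registry values and event fields are standard Windows ones.

function Get-RdpExposure {
    $ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $tcp = "$ts\WinStations\RDP-Tcp"
    $deny     = (Get-ItemProperty -Path $ts).fDenyTSConnections
    $listener = Get-ItemProperty -Path $tcp
    New-Object PSObject -Property @{
        # fDenyTSConnections = 1 means the machine refuses Remote Desktop connections
        RdpEnabled  = ($deny -ne 1)
        # UserAuthentication = 1 means Network Level Authentication is required
        NlaRequired = ($listener.UserAuthentication -eq 1)
        Port        = $listener.PortNumber
    }
}

function Get-FailedLogonSources {
    param([int]$Hours = 24)
    $filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddHours(-$Hours) }
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)
    $rows = @(foreach ($e in $events) {
        # Flatten the event's <Data Name="..."> fields into a hashtable
        $d = @{}
        foreach ($n in ([xml]$e.ToXml()).Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
        # 10 = RemoteInteractive (RDP); 3 = Network, which is how failed RDP logons
        # appear when NLA is on (type 3 also covers other network logons, e.g. file sharing)
        if ($d['LogonType'] -eq '10' -or $d['LogonType'] -eq '3') {
            New-Object PSObject -Property @{ Source = $d['IpAddress']; Account = $d['TargetUserName'] }
        }
    })
    # Many failures from one address, often against several account names,
    # is the password-guessing pattern to look for
    $rows | Group-Object Source | Sort-Object Count -Descending |
        Select-Object Count, Name, @{ n = 'Accounts'
            e = { ($_.Group | Select-Object -ExpandProperty Account -Unique) -join ', ' } }
}

$rdp = Get-RdpExposure
$rdp | Format-List
if ($rdp.RdpEnabled) { Get-FailedLogonSources -Hours 24 | Format-Table -AutoSize }
```

If `RdpEnabled` is reported as `False`, the machine is refusing Remote Desktop connections, which is the setting the post refers to.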


20 Mar 2013   #5

W7 X-64 W8.1 X-64 Opensuse 13.1 W2003 Server
 
 

Hi there
This isn't anything new -- we've all seen this stuff "Ad Nauseam".

If you take basic precautions and use things like MSE (or whatever decent A/V stuff you want) you really should NEVER get a virus -- and even if you do, provided you have proper backups and archives, just re-format the disk (via a bootable read only program so it cannot be infected itself), and then restore your clean system and data.

In any case you should always regularly backup your OS and archive your data.

Sometimes I think that a lot of these viruses are actually CREATED by some A/V companies to scaremonger people into buying their products or at least paying for an upgrade. Knowing how some often seemingly quite legitimate businesses work these days it wouldn't surprise me in the least if they did this.


SIMPLE RULES:

1) SEPARATE OS FROM USER DATA (User data - music, photos, video, documents etc).
2) Backup OS Daily (use a program which allows BOOTABLE restore).
3) Archive User data regularly -- it doesn't change hugely so archive the static parts first (music files for example - once archived you don't have to back up the same files again -- only new ones).
4) Don't even THINK of opening email from unknown recipients.
5) Don't open email attachments unless you know exactly who sent them and what they are about.
6) Don't download dubious software from torrents etc -- especially things like Key gens, KMS activators etc.
7) Don't give away data about yourself -- amazing how people put confidential data on public sites like Facebook -- that's the best way of "Identity theft", Internet Fraud etc.

WEB stuff : Avoid simple scams like "FREE this ---" then you have to give a Credit card number.
When downloading open source software click on the PROPER LINK -- a lot of sites are so confusing (deliberately) so you click on what you think is the program and then it's either something like "Managed download" or a particularly annoying one is the AVS video converter (pay for) rather than the program you are actually trying to download.

NEVER use those online "Fix your registry" or "find drivers for you" programs. The Driver one is a particularly nasty piece of Sneakware as it might find a driver but then will ask you to PAY to access the site. Drivers these days are all in PUBLIC DOMAIN especially if you HAVE the hardware so should be free.

If you can, test software in a VM before installing on your main machine, so if it doesn't work you haven't lost any time etc - just delete the VM.

Be careful also of Websites that LOOK like legit Bank sites etc etc. Also when buying online choose reputable suppliers.

Internet FRAUD / Identity theft is FAR FAR more of a problem than Viruses on individual users' machines -- these days hackers are more likely to attempt cyber crime against institutions like FBI, NYSE, NASDAQ, BANKS and large global multi-nationals.

Cheers
jimbo
20 Mar 2013   #6

Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 17 MATE (64 bit)
 
 
Backup HDD Image

Another reason to create HDD images (often) and have external backup copies.

A lot of good suggestions jimbo45.
20 Mar 2013   #7

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x86 Service Pack 1 - Linux Mint Mate 14 x64
 
 

Very good post jimbo, I've seen many OPs use driver programs and registry cleaners, and my first response is: Remove program(s), scan for malware and then scan for corrupted system files.
20 Mar 2013   #8

Windows 7 Pro-x64
 
 

Another good reason to turn off SNMP.
20 Mar 2013   #9

Win7 Pro SP1 64
 
 

Thanks for posting this.
20 Mar 2013   #10

Windows 7 Home Premium 64x
 
 

Good to know, thanks