New Trojan Malware Encrypts All Files, Demands Ransom

A Guy

Russian anti-virus company Doctor Web is warning users of an active ransomware campaign executed through a brute-force attack via the RDP protocol on target machines.

Once connected to the attacked PC, cyber-criminals launch a variant of the ArchiveLock Trojan, which uses the archiver WinRAR to encrypt files.

Source
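The RDP brute-force stage described above leaves a characteristic trace in the Windows Security log: a run of failed logons (Event ID 4625, logon type 10 = RemoteInteractive) from one source address, followed by a successful logon (Event ID 4624) from the same address once a password is guessed. The script below is an added example, not code from the Doctor Web article or from this thread. It runs over constructed sample records written in a simplified one-line-per-event format (timestamp, event ID, logon type, source IP, account) rather than raw event XML, and the failure threshold and time window are assumptions chosen for illustration:

```python
"""Detect RDP password guessing (and the follow-on success) in Windows
Security log events.

Added illustration, not code from the thread or from Doctor Web. Input is a
constructed, simplified rendering of Security events, one per line:
  <ISO timestamp> <EventID> <LogonType> <SourceIP> <Account>
Event 4625 = failed logon, 4624 = successful logon; LogonType 10 =
RemoteInteractive (RDP). The threshold and window below are assumptions.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: one source guessing accounts over RDP
# (logon type 10) until it succeeds, plus benign local (type 2) logons.
SAMPLE_EVENTS = """\
2012-08-10T02:00:01 4625 10 203.0.113.7 administrator
2012-08-10T02:00:03 4625 10 203.0.113.7 admin
2012-08-10T02:00:05 4625 10 203.0.113.7 administrator
2012-08-10T02:00:08 4625 10 203.0.113.7 user
2012-08-10T02:00:11 4625 10 203.0.113.7 administrator
2012-08-10T02:00:14 4625 10 203.0.113.7 guest
2012-08-10T02:00:20 4624 10 203.0.113.7 administrator
2012-08-10T08:15:00 4624 2 127.0.0.1 jim
2012-08-10T08:15:30 4625 2 127.0.0.1 jim
"""

FAIL_THRESHOLD = 5            # failed RDP logons from one source (assumption)
WINDOW = timedelta(minutes=5)  # sliding window for those failures (assumption)
RDP_LOGON_TYPE = "10"


def parse_events(text):
    """Turn the constructed event text into a list of dicts, oldest first."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, event_id, logon_type, source_ip, account = line.split()
        events.append({
            "time": datetime.fromisoformat(ts),
            "id": event_id,
            "logon_type": logon_type,
            "source": source_ip,
            "account": account,
        })
    events.sort(key=lambda e: e["time"])
    return events


def detect_rdp_bruteforce(events, threshold=FAIL_THRESHOLD, window=WINDOW):
    """Return alerts as tuples.

    ('bruteforce', source, time, failure_count) is raised once per source when
    its failed RDP logons inside the sliding window reach the threshold;
    ('bruteforce_success', source, time, account) is raised when that same
    source then logs in over RDP while its failure window is still active,
    i.e. the guessing most likely worked.
    """
    alerts = []
    recent_fail = defaultdict(deque)   # source -> times of 4625/type-10 events
    flagged = set()
    for ev in events:
        if ev["logon_type"] != RDP_LOGON_TYPE:
            continue                    # only RemoteInteractive (RDP) logons
        src = ev["source"]
        q = recent_fail[src]
        window_start = ev["time"] - window
        while q and q[0] < window_start:
            q.popleft()                 # forget failures older than the window
        if ev["id"] == "4625":
            q.append(ev["time"])
            if len(q) >= threshold and src not in flagged:
                flagged.add(src)
                alerts.append(("bruteforce", src, ev["time"], len(q)))
        elif ev["id"] == "4624" and src in flagged and q:
            alerts.append(("bruteforce_success", src, ev["time"], ev["account"]))
    return alerts


if __name__ == "__main__":
    for alert in detect_rdp_bruteforce(parse_events(SAMPLE_EVENTS)):
        print(alert)
```

On a real host the same records would come from the Security log (for example via `Get-WinEvent` in PowerShell or a SIEM export) rather than from an embedded string; the logic is the same. The second alert type is the one worth paging on, since a success after a burst of failures is the moment the post describes: the attacker is now logged in and can launch the encrypting trojan. Not exposing RDP to the internet at all, or requiring Network Level Authentication and a VPN in front of it, removes the exposure the detection is watching for.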

Thanks for posting..
 

Now that's new, thanks for posting.
 

Dr Web found this in Aug 2012, but now it is showing up a lot more. I assume that by not allowing Remote Desktop connections they can't get in, and by now I would think that AV software would pick this up. But the article doesn't say much about it.

RDP.PNG

Jim :cool:
 

Hi there
This isn't anything new -- we've all seen this stuff "Ad Nauseam".

If you take basic precautions and use things like MSE (or whatever decent A/V stuff you want) you really should NEVER get a virus --and even if you do provided you have proper backups and archives just re-format the disk (via a bootable read only program so it cannot be infected itself), and then restore your clean system and data.

In any case you should always regularly backup your OS and archive your data.

Sometimes I think that a lot of these viruses are actually CREATED by some A/V companies to scare people into buying their products, or at least paying for an upgrade. Knowing how some often seemingly quite legitimate businesses work these days, it wouldn't surprise me in the least if they did this.


SIMPLE RULES:

1) SEPARATE OS FROM USER DATA (User data - music, photos, video, documents etc).
2) Backup OS Daily (use a program which allows BOOTABLE restore).
3) Archive User data regularly -- it doesn't change hugely so archive the static parts first (music files for example - once archived you don't have to back up the same files again -- only new ones).
4) Don't even THINK of opening email from unknown recipients.
5) Don't open email attachments unless you know exactly who sent them and what they are about.
6) Don't download dubious software from torrents etc -- especially things like Key gens, KMS activators etc.
7) Don't give away data about yourself -- amazing how people put confidential data on public sites like facebook -- that's the best way to get "Identity theft, Internet Fraud" etc.

WEB stuff : Avoid simple scams like "FREE this ---" then you have to give a Credit card number.
When downloading open source software click on the PROPER LINK -- a lot of sites are so confusing (deliberately) so you click on what you think is the program and then it's either something like "Managed download" or a particularly annoying one is the AVS video converter (pay for) rather than the program you are actually trying to download.

NEVER use those online "Fix your registry" or "find drivers for you" programs. The Driver one is a particularly nasty piece of Sneakware as it might find a driver but then will ask you to PAY to access the site. Drivers these days are all in PUBLIC DOMAIN especially if you HAVE the hardware so should be free.

If you can, test software in a VM before installing it on your main machine, so if it doesn't work you haven't lost any time etc. - just delete the VM.

Be careful also of Websites that LOOK like legit Bank sites etc etc. Also when buying online choose reputable suppliers.

Internet FRAUD / Identity theft is FAR FAR more of a problem than Viruses on individual users' machines -- these days hackers are more likely to attempt cyber crime against institutions like FBI, NYSE, NASDAQ, BANKS and large global multi-nationals.

Cheers
jimbo
 

Another reason to create HDD images (often) and have external backup copies. :geek:

A lot of good suggestions jimbo45. :)
 

Very good post jimbo. I've seen many OPs use driver programs and registry cleaners, and my first response is: remove the program(s), scan for malware and then scan for corrupted system files.
 

Another good reason to turn off SNMP.
 

Thanks for posting this.
 

Good to know, thanks ;)
 

Another good reason to turn off SNMP.

One of the first things I do, after installing Windows, is disable the Remote Access services.

Since I don't have Wireless or Bluetooth devices, I disable the Wireless and Bluetooth services too.
 

Thanks for posting, good tips Jimbo.
 
