New Virus this week - Nasty Nasty Critter!

TechLarry

RIP [H] Brother - June 1, 2022
Joined
Aug 9, 2005
Messages
30,481
There appears to be a new Virus floating around that started up this weekend.

Instead of trying to get money from people, this one is set to seek and destroy, and appears to do as much damage as possible to a users computer.

It hides literally every file on the computer, both executable and data file. It causes the system to report bogus hard drive failure and controller failures. After 5-10 minutes, the system reboots itself.

Anyone know what this thing is, what it's called, and if any Virus company has come up with a stand-alone fix for it?
 
Its bad to say but..... SWEET!

Things like this make my phone ring. Hopefull I get a crack at it this week/weekend.
 
Its bad to say but..... SWEET!

Things like this make my phone ring. Hopefull I get a crack at it this week/weekend.

you in it for the challenge, or the money, or both?
I'm in it for the lolz myself. "I'm infected...i didnt do anything it just installed itself.....no i dont look at porn" yeah sure whatever.
 
It's not new. I have had these coming in for a couple weeks now. No better or worse than any of the other flavors that have been floating around. Combofix takes care of most of it without breaking a sweat, but it does take a little longer than some of the others, because it has to unhide the files.
 
you in it for the challenge, or the money, or both?
I'm in it for the lolz myself. "I'm infected...i didnt do anything it just installed itself.....no i dont look at porn" yeah sure whatever.

Mostly for the money. Side business has been slow after I graduated, stopped working for a big retailer where 200 people knew I do these types of thing, and found a real job. However theres 4 or 5 people who still have my number on speed dial. Its funny how all the calls come in at the same time within a few days of each other.
 
There appears to be a new Virus floating around that started up this weekend.

Instead of trying to get money from people, this one is set to seek and destroy, and appears to do as much damage as possible to a users computer.

It hides literally every file on the computer, both executable and data file. It causes the system to report bogus hard drive failure and controller failures. After 5-10 minutes, the system reboots itself.

Anyone know what this thing is, what it's called, and if any Virus company has come up with a stand-alone fix for it?

I had one a couple weeks ago that literally locked up a users PC, so we did a cold reboot. Upon reboot, windows wouldn't even load. I bet it only took 5 minutes from infection to lock-up. Crazy quick. I still don't know what it was. I ended up formatting & starting over.


 
I had one a couple weeks ago that literally locked up a users PC, so we did a cold reboot. Upon reboot, windows wouldn't even load. I bet it only took 5 minutes from infection to lock-up. Crazy quick. I still don't know what it was. I ended up formatting & starting over.


with how viruses are these days, that is the only method we use at the place i work because of the volume of people we deal with, anything else is too time consuiming
 
Oh great, my phone is probably going to start ringing again. Hopefully it's people I've dealt with before since I probably already have a restore image ready for their PC. I don't waste much time anymore with these calls and I charge an arm and a leg. So far I have to say it has slightly cut down on the number of calls. :D Not worth my time, when it's what I do all day.
 
Seen this one a few times over the past month or so....but nothing in the past week. Oddly enough, after seeing this thread last night, just got a call this morning from a client that picked it up on his laptop. His is failing to boot back into Winders again also. Rolling up my sleeves and diving into it again today...
 
I've dealt with two recent infections that were almost identical in their effects (hiding files, warnings, etc.). Thankfully both were fairly benign and nothing like this. Remedial user training (i.e. smack upside the head) was in order.
 
It's not new. I have had these coming in for a couple weeks now. No better or worse than any of the other flavors that have been floating around. Combofix takes care of most of it without breaking a sweat, but it does take a little longer than some of the others, because it has to unhide the files.

Are you saying ComboFix will repair this one all by itself? No need to manually unhide all the files ?
 
with how viruses are these days, that is the only method we use at the place i work because of the volume of people we deal with, anything else is too time consuiming

I know the feeling. It pisses me off, but I fully understand it. I have to resort to the same thing. Especially when it's a ship-in of the computer from some dark corner of the earth. You must be able to say without a doubt it's clean, and there's really only one way to guarantee that.
 
I work at a university and luckily we have a site license for Win7 Enterprise so when we get virus's that are anything more than just the fake AV's I just wipe the machine. Saves so much time and usually everyone is happy because their machine is running so much better.
 
Nowadays most enterprise machines are swapped out and re-imaged if issues arise. AV software helps cut down on the amount of machines you have to swap out and helps prevent virii spreading from your network.
 
I dealt with this last week. There is a piece of software out there that you can run to automatically unhide everything that is not supposed to be hidden. I also found a lot of malware on the system with MB, which took care of the 'hard disk failure' error. It also disables right clicking the desktop (but taskbar or folders works OK). I haven't found a fix for that yet.
 
Are you saying ComboFix will repair this one all by itself? No need to manually unhide all the files ?

The newer versions have been unhiding the files for me, but it took them a little bit to catch up. I wouldn't say that means that combofix will take care of it 'all by itself', because I always run scans with at least 2 other utilities before I declare it clean.

As for re-imaging machines, I agree. For business customers with multiple machines and data stored on a server, this is what I do, too. It takes too much time and is too uncertain to just clean them. For home customers, though, backing up and formatting takes just as long, and they always call back wondering where 'x' program is, or why 'y' looks different, etc. They are far happier just have things the way they were.
 
Home users: Wipe machine, build it up, clonezilla image for 60 days before I get rid of it. Businesses I keep the image longer, 1-2 years.

Makes it so much sweeter when the business calls with 2-3 machines [same hardware] that need wiping. Easy money.

I need to look at the WDS though, prob would speed things up even more for me.
 
Back
Top