So this showed up.

My 2c:
Most, if not all malware infections come from:
1) Visiting smut sites
2) Visiting sites looking for keygens/cracks for illicit software/warez
 
My 2c:
Most, if not all malware infections come from:
1) Visiting smut sites
2) Visiting sites looking for keygens/cracks for illicit software/warez

#2 for sure, but how do you figure #1?
 
Currently scanning my old external.

Atm running Panda Anti Virus 2015 and anti malwarebytes.

Whereas before all I ran was MSE. I just hope these are as unobtrusive as MSE.
 
Let's see ... if I was a malware developer where would I put my stuff?

In pirate games and keygens, of course!

But I don't want to give the game away and lose that infection vector, so let it count down for a few months before being activated. That way the victims will never know where it came from. And in addition it can spread via flash drives and the LAN.

Brilliant!

PROFIT

PS: there is so much malware released each day that the anti virus companies have no chance of keeping up.

Ugh, you are like the Jehovah's witness of malware.
 
Okay, the external hdd is fine. The only affected media was about 3000 pictures and Word documents

it chose them at random though, it locked down pictures and icons from games and programs that have no relevance to me and some of them had thousands of little icons already so the program wasted its time there.

pdf, mp3, mp4, amv etc all are unaffected.

i still have a bunch of pictures and word docs that were not encrypted.


overall underwhelmed by this ransomware.


meh.

In the end i got two new ssds out of it so...


whatevs
 
Well, the best option is to do a clean OS reinstallation. Sorry :(

EDIT:

Install a Linux distro (I recommend Debian 8 Testing/Ubuntu 15.04) alongside your Windows OS and use it for browsing the interwebs only! Play games/watch videos on Windows. That's it!

That's a bit overkill. Rather go virtualbox with either windows or linux on it. Then if you get any issues just restore. Plus, you don't need to reboot every time.
 
related?

Sleeper ransomware "Locker" rises from the dead, infects hundreds of PCs
http://www.neowin.net/news/sleeper-ransomware-locker-rises-from-the-dead-infects-hundreds-of-pcs

We reported almost two years ago about the nasty little program called Cryptolocker, which holds your files hostage, and demands expensive bitcoins in exchange for the decryption key. The malware has been evolving, with a new variant caught in the wild a couple of months ago.

According to a report by KnowBe4, a similar ransomware program has recently been activated, and is now making the rounds on the internet. Named "Locker," the program was originally quiescent, but was activated on May 25th, wreaking its havoc on hundreds of computers.

How the ransomware is installed is not exactly known. However, it was reported that Windows services will apparently be used to install Locker to a victim's computer. During installation, the program will check if the system is running on a virtual machine, and then terminate if this is confirmed. Once it installs, it will start to encrypt files using 2048-bit RSA encryption, though it will not modify file extensions. It will delete shadow volume copies of the C:\ drive, to prevent restoring files from a backup, and then display its interface, asking for ransom. Locker encrypts the following file types: .doc, .docx, .xlsx, .ppt, .wmdb, .ai, .jpg, .psd, .nef, .odf, .raw, .pem, .rtf, .raf, .dbf, .header, .wmdb, .odb, and .dbf, among others.

Like Cryptolocker, it displays a message saying, "Warning any attempt to remove damage or even investigate the Locker software will lead to immediate destruction of your private key on our server!" Locker will demand 0.1 bitcoin (roughly $23), which is unusually lower than other ransoms that are sometimes as high as $500.

As of this moment, hundreds are reportedly infected, but it is not known if anyone has paid the ransom. Bleeping Computer's forums are currently flooded with posts regarding the issue, and the website has stated that the strain has a large install base, only worsening the news for those who are infected. This should be another reminder on why everyone should make sure they have backups of their data available in multiple places.

long winded forum
http://www.bleepingcomputer.com/forums/t/577246/locker-ransomware-support-topic/

then faq
http://www.bleepingcomputer.com/virus-removal/locker-ransomware-information

...this bit (?)
How do you become infected with the Locker Ransomware?

At this time the only known vector for this ransomware is the Trojan.Downloader that is installed through a cracked version of Minecraft. As some people have stated that they do not, and never had, Minecraft installed on their computer there are most likely other vectors that are unknown at this time. The known Minecraft related Trojans are:
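
Since the article quoted above says Locker leaves file extensions unchanged, one way to sort affected files from untouched ones on a drive (such as the external disk discussed in this thread) is to compare each file's leading bytes with the signature its extension implies. This is an added example, not part of the thread or the quoted articles: the signature table covers only a few of the listed types, the sample files are constructed, and it assumes the file header is among the bytes that get overwritten. A mismatch means the file is damaged or encrypted, not that Locker specifically did it.

```python
import os
import tempfile

OLE2 = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy Office compound file
ZIP = b"PK\x03\x04"                          # OOXML container
# Expected leading bytes of an intact file, keyed by extension.
SIGNATURES = {
    ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
    ".doc": OLE2, ".ppt": OLE2,
    ".docx": ZIP, ".xlsx": ZIP,
    ".psd": b"8BPS", ".rtf": b"{\\rtf",
}

def classify(path):
    """Return 'intact', 'suspect' or 'unknown' for one file."""
    magic = SIGNATURES.get(os.path.splitext(path)[1].lower())
    if magic is None:
        return "unknown"          # no fixed signature in the table
    try:
        with open(path, "rb") as fh:
            head = fh.read(len(magic))
    except OSError:
        return "unknown"          # unreadable: cannot judge either way
    return "intact" if head == magic else "suspect"

def triage(root):
    """Walk root and map each status to a sorted list of relative paths."""
    report = {"intact": [], "suspect": [], "unknown": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            report[classify(full)].append(os.path.relpath(full, root))
    return {status: sorted(paths) for status, paths in report.items()}

def demo():
    """Build a constructed sample tree and triage it."""
    samples = {
        "holiday.jpg": b"\xff\xd8\xff\xe0" + b"\0" * 32,
        "locked.jpg": bytes(range(7, 47)),     # constructed stand-in for ciphertext
        "cv.docx": ZIP + b"\0" * 32,
        "locked.doc": bytes(range(100, 140)),  # constructed stand-in for ciphertext
        "song.mp3": b"ID3" + b"\0" * 32,
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return triage(root)

if __name__ == "__main__":
    for status, paths in demo().items():
        print(status, paths)
```

Run `triage()` read-only against a copy or a mounted backup; the "suspect" list is the set to restore from backup.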
 