Nasty virus
Posted: Thu Sep 24, 2015 8:10 pm
This was a right b@lls up and the result of a collection of unusual circumstances but.....
Our e-commerce software was having trouble uploading to the web space so we had to consult with the e-commerce providers for solutions. Firstly they are in Australia so communications were totally out of sync meaning a day's wait between Q&As. Anyhow, one of the suggestions from them was that our AV software might be stopping the site uploading so 'can you disable it and check'?
Sadly, Mrs k_e did the disabling - and in her mind, disabling means REMOVING IT FROM THE PC COMPLETELY
Doesn't help when she leaves her email program running............
In the subsequent two hours before I realised what she'd done we got a virus known as 'decrypt'. It trawls your hard disk and encrypts (256-bit) all Microsoft documents, text files, PDFs and jpgs......
Of course, to resolve the matter you have to pay some scum bag for the decrypt key........as if. No way hozay (Jose).
I found the virus before it could go past the C: drive but it had right royally screwed the whole system up. Close down the service, delete the program, search the registry and delete the entries associated with it, re-install AV, Malware detection etc, all run, all clean but I'm still not happy so.....
Spent the last two days reformatting, re-installing (XP, believe it or not, can't use any other due to incompatibility with the version of Quickbooks we're using and the new Quickbooks would cost us £600+) Fxck that for a lark.
Getting XP to re-install, SP3, updates, standard software packages, drivers (the video was particularly poxy to install and get working - about twenty restarts to black screens was getting a bit trying after a while)
Anyway, today we're back to square one..... FINALLY. The only saving grace was that the virus didn't encrypt programs or file extensions outside the common ones so our financial package database was untouched - phew.
I'd happily set a nuke under the tw@ts that distributed that virus. It's the first time in over 8 years we've had a virus and the last one we got was a 'joke' one (green men falling down the screen) but, by christ, it was a git.....
Beware.
Don't let the missus do ANYTHING on your PC........