Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

New (Windows) ransomware strain coded entirely in Javascript
BBC ^ | June 20, 2016

Posted on 06/20/2016 7:31:04 PM PDT by Swordmaker

click here to read article


Navigation: use the links below to view more comments.
first previous 1-2021-4041-47 last
To: Swordmaker

Hats off for the tip!


41 posted on 06/21/2016 2:06:28 PM PDT by Mr Radical
[ Post Reply | Private Reply | To 1 | View Replies]

To: Company Man
Can one of you expand on the Bleeping Computer article on what to include, to stop Windows Scripting Host from executing?

I added a DWORD key “Enabled” but that just doesn't look right.

Plus I am on Win 10 64-bit. Do I need to add a QWORD entry?

42 posted on 06/21/2016 8:19:22 PM PDT by texas booster (Join FreeRepublic's Folding@Home team (Team # 36120) Cure Alzheimer's!)
[ Post Reply | Private Reply | To 20 | View Replies]

To: texas booster
I am using Win10 64bit also. The article is a little unclear, but you want to create a registry value called Enabled in the Settings key, not a new key. In other words the value (a Dword, as the article states) will appear in the right hand pane of regedit when the Settings key is selected in the left pane. It defaults to a value of zero, so nothing to do there.

Search your system for .js files, or create a dummy using notepad (making sure it doesn't have .txt appended to the .js extension). I found a ton of .js files related to a game I have installed. Double-click the file and you should see the exact error shown in the article. I'm assuming you have restarted the computer since creating this DWORD value.

43 posted on 06/21/2016 8:36:07 PM PDT by Company Man (Keep on Trumpin')
[ Post Reply | Private Reply | To 42 | View Replies]

To: Swordmaker

Does anyone know what could be causing my problem with my computer. It still has 7.

On the 13th around 2-3pm central time when I was out of the room, I came back to a black screen but the computer was still on. I hit the keyboard a few times and it came back up but something had opened Windows mail and live and was doing a search of my files. I turned off the internet and closed them all out but the screen kept going black and it kept opening searches. I finally deleted the Mail and Live which I don’t use anyways but I still have it trying the searches. I have the internet unplugged.

I have run several cleaners and virus scans.
Today I was running AVG and it did the blackout a few times and then it was trying to delete AVG. I turned off the computer as soon as I could.

I ended up pinning the Task manager and a few of the others because it often does it several times in a row and even locks and messes with the password entry. I sometimes didn’t even have time to start looking at the tasks or start a scan.

Some of the searches have 0,i6* ect in many combinations.

It also does this in safe mode.
For a while I couldn’t type in msconfig because it wouldn’t let me type i and it would go black for a few seconds and back to opening the search.

Nothing I have done has lasted for more than a few hours.


44 posted on 06/22/2016 12:20:52 AM PDT by CARDINALRULES (Tough times never last -Tough people do. DK57 --RIP 6-22-02)
[ Post Reply | Private Reply | To 1 | View Replies]

To: CARDINALRULES; dayglored
Does anyone know what could be causing my problem with my computer. It still has 7.

Sounds like you have a root kit malware installed. It will work even in Safe Mode, unfortunately.

Check out this youtube for instructions on how to remove a RootKit from your Windows 7

It has instructions from Kaspersky's and links you to a remover. I hope this helps.

45 posted on 06/22/2016 9:43:00 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 44 | View Replies]

To: Swordmaker; CARDINALRULES

What he (Swordmaker) said. Yep.


46 posted on 06/22/2016 9:49:55 AM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 45 | View Replies]

To: Swordmaker

Thanks, I will give that a try tonight.

Today I turned on the computer and it of course was happening again but I had looked up some of the things running that I did not recognize from being on the list in the past few weeks. One of them was WUDFHOST which is supposed to be running but not supposed to show on the task manager.
I turned it off for now and it seems to be at least part of the problem. Running some scans and then will see after I restart. Been on for over 4 hours without a problem since I made the changes. Still not connected to internet.

I do think the problem is bigger so I won’t stop looking until I am positive it is clean.

Now I am also making sure this XP netbook is up to date on the scanners and such.

I always used to be very proactive making sure everything was updated and ran at least once every week, but I have really let some things go too long for the past year.


47 posted on 06/22/2016 2:51:24 PM PDT by CARDINALRULES (Tough times never last -Tough people do. DK57 --RIP 6-22-02)
[ Post Reply | Private Reply | To 45 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-47 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson