Ransomware is about to get a lot worse

The product was unknown to me, and that's exactly why I started a thread asking for others' opinions about it.
The product's official site was in Russian, so I posted a link going to a download site in English.
However, I just found that the official site can be changed to English.

Borg 386 said:

you would have to boot into the command line (provided it hasn't blocked that) & format the drive

On another forum, someone asked me the following question:
'Isn't it possible to boot it from a USB installer and then repair the master boot record?'

Can anyone answer it?

Matthew

They may have been referring to 'fixmbr' & other CMD MBR-repair tools that can be accessed from a Windows Install media (USB, CD).

Here's some info about it: Restore, Fix, Repair Master Boot Record (MBR) in Windows

I already knew about Bootrec.exe long ago, but the problem is whether it can repair a master boot record modified by ransomware.

How about the /fixboot parameter within bootrec? I believe it writes a new MBR which would replace the infected MBR.

Hi there

TOTAL SCAREWARE

as I've said Many times - almost to the point of AD NAUSEAM

1) Immediately SWITCH off computer -- don't even power down via the power off control panel --simply unplug and if using a laptop keep power off switch held until computer powers off.

2) Restore from CLEAN backup.

Job done.

Don't be bullied into buying a load of "Bovine Scatology" from some of these 3rd party A/V vendors who are making a last ditch attempt to part you from your money.

Optionally if you are MEGA paranoid you can re-format HDD before restore -- or even Hard erase with those programs that write Hex '00' to every sector on HDD.

Things like Macrium have FREE bootable restore programs and there are a load of other (free) bootable programs that can format / secure erase / re-partition HDD's.

I really can't see ANY need to use anything other than the standard Windows Defender PLUS HUMAN BRAIN

SCAMS usually can't be defended by Software anyway - and NEVER EVER be lulled into a false sense of security because you've installed some A/V software that "Says 100% secure".

All those using this pile of CRUD -- can you name a SINGLE High security Prison that NO ONE has ever escaped from. (OK people might get recaptured later - but that's a different argument).

Cheers
jimbo

Voyager 1 said:

How about the /fixboot parameter within bootrec? I believe it writes a new MBR which would replace the infected MBR.

I hope this belief is true, so that things will be easier for victims.

jimbo45 said:

1) Immediately SWITCH off computer

The infection might have already finished before a user notices it and does the above.

jimbo45 said:

I really can't see ANY need to use anything other than the standard Windows Defender PLUS HUMAN BRAIN

Some idiots having no brains like me do need something else.

Matthew Wai said:

I hope this belief is true, so that things will be easier for victims.

The infection might have already finished before a user notices it and does the above.

Some idiots having no brains like me do need something else.

Hi there

THAT'S the whole point of booting a secure erase program from an external device to format the HDD's and then restore your backups.

If you don't take backups - then ask yourself - should I really be using a computer. And take and check backups REGULARLY - don't do the job once and think its all over.

It's a bit like a car driver saying why do I need a mirror - who cares what's behind me as I'm in front !!!.

Cheers
jimbo

Borg 386 said:

we're likely to see more variants of this type of ransomware, which is designed to modify the infected computer's Master Boot Record

Is switching to UEFI a solution?
'On an MBR disk, the partitioning and boot data is stored in one place. If this data is overwritten or corrupted, you’re in trouble. In contrast, GPT stores multiple copies of this data across the disk, so it’s much more robust and can recover if the data is corrupted.'──quoted from What’s the Difference Between GPT and MBR When Partitioning a Drive?