system
January 21, 2016, 3:22pm
1
Hi,
One of my users got his PC infected with a ransomware that encrypted his files and ask for 0.5BTC (keybtc@inbox.com )
I am currently scanning with “Malwarebytes” but I am wondering : why Avast did not find it ???
Resident shield protection is active and a virus scan found nothing
Best regards,
I am currently scanning with "Malwarebytes" but I am wondering : why Avast did not find it
[b]NO[/b] security program have 100% detection or zero false positives
the malware world is not static, bad guys constantly update, modify, create new versions to avoid detection
This what AV vendors try to block/detect evry day https://www.av-test.org/en/statistics/malware/
One of my users got his PC infected with a ransomware that encrypted his files and ask for 0.5BTC (keybtc@inbox.com)
We can assist in removing it here if you want, but the files are gone ... unless you pay
system
January 21, 2016, 4:00pm
3
I am puzzled right now, Malwarebytes, Spyhunter cannot them it as well …
Is it possible the script erases itself after encrypting the files ?
Thanks
Is it possible the script erases itself after encrypting the files ?
That is possible, there are malware that does that, or it is a very new version that few detect
do you want help removing it?
system
January 21, 2016, 4:03pm
5
I found the originating script file … can I send it to avast for inspection ?
yes, try here https://support.avast.com/support/tickets/new?form=3
you may also upload the file to www.virustotal.com and test it, if scanned before, click rescan for a fresh result
Post link to scan result here
seems to be very new First submission 2016-01-21 16:08:36 UTC ( 2 minutes ago )
and it is a java script, so Malwarebytes will never detect it as it dont target script files