Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

madiant virus


  • This topic is locked This topic is locked
10 replies to this topic

#1 boomer99

boomer99

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 13 July 2013 - 01:42 PM

Has anyone heard of madiant virus and how to get rid of it


Edited by hamluis, 13 July 2013 - 01:59 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:05 PM

Posted 13 July 2013 - 04:26 PM

A blog post by > > Symantec said hackers used the report as "bait", embedding a malware called, Trojan.Pidief, into fake reports which displayed a blank PDF document when opened. Unbeknownst to users, the tainted report would trigger the exploit code for Adobe Acrobat and Reader Remote Code Execution Vulnerability.
Trojan.Pidief seems to be the infection included in a PDF / email -
Norton / Symantec seems to be the company that has picked this infection up, as per their report.

ESET-NOD32 identifies it as JS/Exploit.Pdfka.PPK , a Java Exploit infection, or Win32/AutoRun.FakeAlert.DU

If you have been infected, please run this Online Scanner .....
This is best performed with Internet Explorer, however directions are also left for other browsers.
Scan your machine with ESET OnlineScan
1.Hold down Control and click HERE to open ESET OnlineScan in a new window.
2.Click the ESET Online Scanner button.
3.NOTE :.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

- 1.Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
- 2.Double click on the ESET Online Scanner icon on your desktop.

4.Check "YES, I accept the Terms of Use."
5.Click the Start button.
6.Accept any security warnings from your browser.
7.Under scan settings, check "Scan Archives" and "Remove found threats"
8.Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology

9.ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this will take quite some time to download the program for a first time, and then download updated data base (1 to 2 hours is not unusual)
10.When the scan completes, click List Threats
11.Click Export, and save the file to your desktop using a unique name, such as ESETScan.
- Include the contents of this report in your next reply.
12.Click the Back button.
13.Click the Finish button
 

 

Thank You -



#3 boomer99

boomer99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 13 July 2013 - 07:13 PM

The problem is that when going into windows it prodocues a screen and does not let me do anything. The only way I can boot is in the safe mode to a command prompt



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:05 PM

Posted 13 July 2013 - 07:29 PM

A quick question. Do you have a USB Flash Drive to transfer any programs ??

 

Thanks -



#5 boomer99

boomer99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 13 July 2013 - 07:41 PM

yes, I actually tried to use it to run hitmanpro



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:05 PM

Posted 13 July 2013 - 07:49 PM

Sorry but due to the type of infection, and lack of booting please follow these directions for better help.

As this seems to be unable to start in any other method, please post to the Experts area for more help -

 

Please follow the instructions in ==>This Guide<== starting at Step #6.  If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==


Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get.

 

If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

 

NOTE : Please Copy / Paste all logs requested, and do not use Attach unless specifically asked -


Good luck and be very patient, as the area can get very busy.

 

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

 

 

Thank You -



#7 boomer99

boomer99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 13 July 2013 - 07:58 PM

the problem is I cannot get on the internet with the infected computer so I cannot paste anything.



is there any anti virus I can run from a flash drive that will work?



#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:05 PM

Posted 13 July 2013 - 08:22 PM

Hi -

This is why I put forward the idea to post to the Experts area, as they know the ones that will run from a USB drive.

Once it gets to a computer that needs this special care, only they will give the correct instructions.

 

If the problem computer is as bad as your post, they are the ones that know all the tricks and fixes -

 

This area level (and my level) is not to perform these fixes, but to refer you on to those experts who do this work.

I asked if you had a USB drive, as you will need this to install the repairs they will give you.

 

We have confirmed that the computer is Very Badly infected, so you are being asked to post to the people that will help you.

 

Sorry if I gave you any other impression, but this is regarded as standard (and safest) procedure for you to follow.

 

Make the post with your working computer, click Watch This Topic, and they will get back as soon as they can -

 

Thank You -



#9 boomer99

boomer99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 13 July 2013 - 08:25 PM

Thanks. I ran the dds and copied it to a new post as instructed. Thanks again.

#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:05 PM

Posted 13 July 2013 - 08:30 PM

Good Luck -

I will have this post locked now that you have started the new topic -



#11 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:05:05 AM

Posted 13 July 2013 - 09:17 PM

Now that your logs have been properly posted here: http://www.bleepingcomputer.com/forums/t/501013/computer-infected-with-ransomware/#entry3103304

 

I'm closing this topic to avoid confusion. Good luck!

 

bloopie






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users