Segurazo Antivirus!!!!!

[DVDR_Dog]

This has to be one of the most pain in the ass programs I ever remember dealing with. For some reason it also installs TAP with it, a VPN? It has taken over any system the a user has brought in. Add/remove doesn't work, Revo doesn't work even in hunter mode. CC doesn't even see it. It really is more persistent than most virus I encounter. Doesn't start up through the registry but it there none the less. I have Malwarebytes on the job now we shall see. Next step is major registry surgery. Probably should just reload but I love the challenge and don't feel like moving all the customer's stuff to a new install.

Update: This one is pure evil. I chatted with someone from Malwarebytes earlier and I am not sure they are aware of how bad this is yet. TAP must be it's own way of calling home without your knowledge. Looks like there may be another tagalong with it. Hotspot or Hotpoint something. It's bad. Usually when you look at an infection there are always some telltales and commonalities. Not seeing it. Took the night off from it. The other 2 infected systems that showed up today I and their owners could care less what happens to them as long as they can play on-line games (Senior citizens. I work with a man and we get systems in the hands of seniors. Community work. I'm not a bad dog. Not intended for playing games but they figure that out quickly enough). I did mention to the Malwarebytes rep that if variants start showing up it could be a long Fall and Winter.

 

[ThumperTM]

Thanks for share!

 

[DVDR_Dog]

UPDATE 9-18-2019
Well who knows? Did my chat with the Malwarebytes rep have an impact? After today's update MWB picks up 1209 pieces of nasty related to this infection during a scan. Things it didn't know were there yesterday. That's why us old folks always have Malwarebytes as a fall back. It rarely lets you down. Well the reports aren't in on this one but it may be calling home stealing who knows what using a VPN. Of course the users I asked have no idea where it came from. Stay tuned. The real nerds have yet to be heard from.

 

[DVDR_Dog]

Another update:
If you are infected with this one or are working on a system that is wipe it out and perform a low level format. I have been trying to save an infected system all week. Each day MWB comes up with yet another list of bad stuff and this system other than MWB updates isn't crusin' the web. This is a very nasty infection and who the heck knows what it's up to esp. since it installs a VPN on the way in.
Malwarebytes forum wants you to use it in safe mode now. Unfortunately it has now disabled MWB from starting in safe mode.

 

[DVDR_Dog]

VICTORY IS MINE!!!!!!
This virus had to be written by someone that has worked or has close knowledge of the security industry. The person or group that crafted this were beyond clever. They knew every conventional way that you would approach this and it didn't really stop you so you thought "Oh it's gone". Nope. It cleverly places things all over the hard drive and not only that it may call home and morph. Getting it gone was a matter of watching waiting and being as clever as you can. Brute force works on part of it and cripples it but doesn't kill. I found big pieces hiding in Chrome which may have been the original vector. So yeah the second part is hunting down the rest of it. It doesn't solely rely on the registry either. It's a real pain and not a battle like most. You have to massage the final bits out.

So I go back to what I originally said. Wipe the system clean and start again. This wasn't worth the blood sweat and tears. Besides I think it was trying to send private info back home maybe with the VPN it installed. This system had nothing to tell so I didn't mind exposing it.

 

[DVDR_Dog]

Wow this virus has come and gone. Was this a Beta of a framework being tested for sale or lease later on? I doubt with the amount of work that went into writing this piece from hell that we have heard the last of it.

 

[Real Richkid Gh]

Hi can i get a crack code for adobe photoshop 2019?