• Gesamte Community
    • Gesamte Community
    • Foren
    • Ideen
    • Blogs
Erweitert

Nicht was Sie suchen? Die Experten fragen!

Danksagungen0

Hey! What are you waiting for, Norton Security?!

Got this Ransom:Win32/Urausy.C > just tried to right click that VirusShare.exe > got this "Not Responding" - somehow, this does not make any sense at all! Worse, 100% cpu!

Then: What are you waiting for, Norton Security?!

Description:
  A problem caused this program to stop interacting with Windows.

Problem signature:
  Problem Event Name:    AppHangB1
  Application Name:    explorer.exe
  Application Version:    6.1.7601.17514
  Application Timestamp:    4ce7a144
  Hang Signature:    f1c5
  Hang Type:    0
  OS Version:    6.1.7601.2.1.0.256.1
  Locale ID:    1033
  Additional Hang Signature 1:    f1c5a50fb80eeca3afe8fd96f23d1b63
  Additional Hang Signature 2:    2d74
  Additional Hang Signature 3:    2d74c95376e4ebabc7dac46a74b6ede2
  Additional Hang Signature 4:    f1c5
  Additional Hang Signature 5:    f1c5a50fb80eeca3afe8fd96f23d1b63
  Additional Hang Signature 6:    2d74
  Additional Hang Signature 7:    2d74c95376e4ebabc7dac46a74b6ede2

Read our privacy statement online:
  http:// go.microsoft.com /fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
  C:\Windows\system32\en-US\erofflps.txt
 

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)

Antworten

Danksagungen0

Re: Hey! What are you waiting for, Norton Security?!

So you are doing a right click scan to see if Norton can detect it? Your malware testing correct? 

Danksagungen0

Re: Hey! What are you waiting for, Norton Security?!

Update & explanations:

1) I just extracted the said sample on Win10 (VM; build version = 10.0.10240 Build 10240; Enterprise) right now > Windows Defender (default settings: Real-time & Cloud-based Protection) quarantined that file in no time.Now that, that sample has been flagged as Trojan:Win32/Spursint.A!cl, according to Windows Defender log. The sample was known as Ransom:Win32/Urausy.C.

Yet, the Date makes no sense. Somehow, I don't care about that.

2. I can still reproduce the issue at the time of commenting:

  • I tried to right click that VirusShare.exe, then the whole folder & OS (Win7) became irresponsible - I can move the mouse only. 
  • And then I tried to shut down the file folder that contained the sample - CPU rate was high - then explorer.exe crashed.

Apologies for any confusion. Plz PM me if you need a video record.

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)

This thread is closed from further comment. Please visit the forum to start a new thread.