Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    Ethereum mailing list breach exposes 35,000 to crypto draining attack

Featured Deal: Upgrade your iPad with an Apple Magic Keyboard Folio for under $90

Latest Buyer's Guide:    Best web browsers with built in VPN: Boost online privacy

Generic User Avatar

Operation Global III ransomware not only encrypts, but infects your data as well

Started by Grinler , Dec 09 2014 05:15 PM

  • Please log in to reply
82 replies to this topic

#76 Nathan

Nathan

    DecrypterFixer


  • Avatar image
  • Security Colleague
  • 1,617 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Florida
  • Local time:09:21 AM

Posted 27 October 2015 - 10:05 AM

That was fine Peter
Have you performed a routine backup today?

BC AdBot (Login to Remove)

 

#77 Slowboy46

Slowboy46

  • Avatar image
  • Members
  • 3 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:08:21 AM

Posted 02 November 2015 - 02:12 PM

Hi,

 

I'm stuck with the Canadian version and the original OG3 Patcher give me "The infection exe could not be found."

 

All the links for the AU version are 404.

 

I will send an infected file...

 

Thanks!

 

Mario


#78 Nathan

Nathan

    DecrypterFixer


  • Avatar image
  • Security Colleague
  • 1,617 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Florida
  • Local time:09:21 AM

Posted 02 November 2015 - 08:41 PM

here is the link to the patcher:

 

https://www.dropbox.com/s/n8chiw1qnbrsaxs/explorer.exe?dl=0

 

NOTE: YOU MUST HAVE UAC ENABLED BEFORE RUNNING THE PATCHER.

When going to run the patcher exe (explorer.exe), right click and select Run as Administrator.

 

If after you run the patcher a follow directions, the infection doesn't disappear, type the follow code into the infection payment field:

fc220de7942511d27839c1a18e27f1e0fa3a26f79deb81c166af98d5c0954511


Have you performed a routine backup today?

#79 Slowboy46

Slowboy46

  • Avatar image
  • Members
  • 3 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:08:21 AM

Posted 03 November 2015 - 10:21 AM

Thanks for the quick answer!

 

UAC is enable, I did run the patcher but no luck. The main window of the infection never closed. 

 

So I entered the code in the infection payment field and the code did work.

 

Thanks again!

 

Mario

 

PS. After verification, There was many virus still running in the background... Even if the files were now available so this is only a solution to regain access to your files. 


Edited by Slowboy46, 03 November 2015 - 01:02 PM.

#80 patsam182

patsam182

  • Avatar image
  • Members
  • 4 posts
  • OFFLINE
    •  
  • Local time:08:21 AM

Posted 03 November 2015 - 02:21 PM

I have the AU version of the patcher if anyone needs it.

Please let me know how to upload it though...


#81 Nathan

Nathan

    DecrypterFixer


  • Avatar image
  • Security Colleague
  • 1,617 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Florida
  • Local time:09:21 AM

Posted 03 November 2015 - 03:30 PM

Already posted the patcher above.. And the steps to get ur files back
Have you performed a routine backup today?

#82 Nathan

Nathan

    DecrypterFixer


  • Avatar image
  • Security Colleague
  • 1,617 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Florida
  • Local time:09:21 AM

Posted 03 November 2015 - 03:32 PM

Thanks for the quick answer!
 
UAC is enable, I did run the patcher but no luck. The main window of the infection never closed. 
 
So I entered the code in the infection payment field and the code did work.
 
Thanks again!
 
Mario
 
PS. After verification, There was many virus still running in the background... Even if the files were now available so this is only a solution to regain access to your files. 


Of course, nothing was ever advertised to removing the infection. In fact you have leave the infection active while u decrypt ur files. If you remove it before decryption, u will lose ur files. After u get all the files you need back from my patcher, then run a AV.
Have you performed a routine backup today?

#83 Slowboy46

Slowboy46

  • Avatar image
  • Members
  • 3 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:08:21 AM

Posted 03 November 2015 - 04:03 PM

 

Thanks for the quick answer!
 
UAC is enable, I did run the patcher but no luck. The main window of the infection never closed. 
 
So I entered the code in the infection payment field and the code did work.
 
Thanks again!
 
Mario
 
PS. After verification, There was many virus still running in the background... Even if the files were now available so this is only a solution to regain access to your files. 


Of course, nothing was ever advertised to removing the infection. In fact you have leave the infection active while u decrypt ur files. If you remove it before decryption, u will lose ur files. After u get all the files you need back from my patcher, then run a AV.

 

 

Exactly what I did. Thanks again,

 

For info purpose, this nasty beast was injected in my work computer by a Remote Desktop exploit... We are lucky it didn't spread to the entire network... That door is now close...

 

Mario


Back to Archived News


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


  1. BleepingComputer Forums
  2. General Topics
  3. Archived News
  4. Privacy Policy
  5. Rules ·