
Can Kaspersky Total Security detect and recover .hoop malware?



Ari Setya Negara
Posted

Just yesterday, I got my hard disk infected with .hoop malware… All my files have the .hoop extension… The malware took only hours to infect all 1TB of data… I tried to scan with KIS but no threat was detected… Then I tried with KTS on an infected SD card but got the same result… Please find a solution to this malware… Thanks in advance...

 

My KIS is 2020 version and my KTS (got an upgrade) is version 2021...

Posted

@Ari Setya Negara Welcome.
 

Please check this :

https://noransom.kaspersky.com/  (*)

https://support.kaspersky.com/us/14844 

https://www.kaspersky.com/blog/no-no-ransom/13364/ 

https://www.nomoreransom.org/en/decryption-tools.html

https://id-ransomware.malwarehunterteam.com/ 


(*) “Ask for the tech support (only for Kaspersky’s paid products customers)”

 

Also, in a lot of cases files can't be decrypted without the private key that is only known by the attacker.

Posted

Thanks for the advice, Berny. I went through them all and found no solution. It appears I have an online ID. Will it help others if I pay the criminals and get the password?

 

I've tried Emsisoft and PhotoRec so far. No dice.

Posted

Hi @KoelMeester

Will it help others if I pay the criminals and get the password?

It will not, regretfully. 

If you are a licensed customer, you can send a couple of files to support to check if decryption is possible.

Posted

Hi @KoelMeester

Will it help others if I pay the criminals and get the password?

It will not, regretfully. 

If you are a licensed customer, you can send a couple of files to support to check if decryption is possible.


Hi Igor. Thanks for the response. Your notification email ended up in my spam folder for some reason. Not sure why Yahoo would do this.

 

I'm currently on a trial license but used Kaspersky for many years on other systems. Will definitely get it again.

 

Right now I’m more concerned about why Security Center and security services aren't working on my PC. The virus disabled it all and I can't get it to function properly. All the files were repaired through scans and reported working but the interface still seems corrupted. When I open Update & Security > Windows security on the left panel > Open Windows Security I get an empty “security at a glance” window. I believe this UI got corrupted and the system isn't looking for this particular file.

Security at a glance empty

In the services interface I can't find Security Center or Security Services running. Are these turned off by Kaspersky? Why aren't they showing?

Security Center gone

I’ve searched for many hours online and nothing seems to get “security at a glance” back or the security services. I have no idea what is normal after Kaspersky intervened. I am also concerned that malware is still accessing my PC through the firewall.

I isolated the virus on a memory stick before I disinfected my PC and all the files they installed were about 1GB. They used my GPU to encrypt my files and when I saw my GPU at 100% usage in the task manager I continually reset the drivers to confuse their malicious operations until Kaspersky removed the last part of the virus, “ServiceMicrosoftAPI”. So not too much got infected. They got hold of my Discord and Facebook passwords that were stored in Firefox. So I had to change many passwords and activate 2-step authentication. But I also don't know how strong my router’s built-in security is. Kaspersky blocked activity coming from

2021/08/16 18:46:55; Access denied;ScreanDriver;ScreanDriver.exe;C:\Users\%%%\AppData\Roaming\ServiceMicrosoftApi\ScreanDriver.exe;C:\Users\%%%\AppData\Roaming\ServiceMicrosoftApi;12392;%%%%\%%%;Active user;Blocked;Blocked;http://80.87.198.164/delonl.php?hwid=%%%-%%%;Malicious link;High;Exactly;http://80.87.198.164/delonl.php?hwid=%%%-%%%;delonl.php?hwid=%%%-%%%;http://80.87.198.164;Web page;Databases

It's as if they used my PC to be a host of the virus and infect other people because I kept an eye on my data usage while this was happening and saw my usage going up. So I unplugged my connection and researched from another PC. These hackers are very experienced. Windows Defender was nothing for them. In a matter of 20 seconds they automatically restarted my PC and all security was gone.

I do feel safe with Kaspersky. But I worry about these security services. Especially my firewall. The fact that Windows can't automatically repair these issues worries me. These hackers are smarter than Microsoft’s own employees.
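The report line quoted in the post above can be triaged mechanically. The following is an added example, not part of the original post and not Kaspersky tooling; the function name `Get-ReportLineFindings` is hypothetical, and because the page does not document the column layout, fields are matched by shape rather than by position.

```powershell
# Added example: explain why a semicolon-delimited report line like the one above
# deserves attention. Field positions are an unknown, so each field is matched by shape.
function Get-ReportLineFindings {
    param([Parameter(Mandatory)][string]$Line)

    $fields = $Line -split ';'
    # First field that is a full path to an executable (drive letter ... .exe).
    $exe = $fields | Where-Object { $_ -match '^[A-Za-z]:\\.+\.exe$' } | Select-Object -First 1
    # First field that is a URL with a path component.
    $url = $fields | Where-Object { $_ -match '^https?://[^/]+/.+' } | Select-Object -First 1

    $findings = @()
    if ($exe -match '\\AppData\\(Roaming|Local)\\') {
        $findings += "process image runs from a user-writable profile folder: $exe"
    }
    if ($url -match '^http://') {
        $findings += 'request is cleartext HTTP'
    }
    if ($url -match '^https?://(\d{1,3}\.){3}\d{1,3}(:\d+)?/') {
        $findings += 'destination is a bare IPv4 address instead of a hostname'
    }
    if ($url -match '[?&]hwid=') {
        # Inference from the parameter name only: the request tags this machine.
        $findings += 'query string carries an hwid= parameter'
    }
    [pscustomobject]@{ Executable = $exe; Url = $url; Findings = $findings }
}

# The line from the post, with the poster's own %%% redactions left in place.
$sample = '2021/08/16 18:46:55; Access denied;ScreanDriver;ScreanDriver.exe;C:\Users\%%%\AppData\Roaming\ServiceMicrosoftApi\ScreanDriver.exe;C:\Users\%%%\AppData\Roaming\ServiceMicrosoftApi;12392;%%%%\%%%;Active user;Blocked;Blocked;http://80.87.198.164/delonl.php?hwid=%%%-%%%;Malicious link;High;Exactly;http://80.87.198.164/delonl.php?hwid=%%%-%%%;delonl.php?hwid=%%%-%%%;http://80.87.198.164;Web page;Databases'

$result = Get-ReportLineFindings -Line $sample
$result.Findings
```

The same function can be run over an exported report file with `Get-Content` to list every blocked request made by a binary in a profile folder.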

Posted

Hi @KoelMeester , 

I can't find Security Center or Security Services running. Are these turned off by Kaspersky? Why aren't they showing?

I have Security Center running on my PC with Kaspersky installed.

  1. In the case of a corrupted system you may try to restore the system with the sfc/dism command combination; please check out this instruction from Microsoft support:

https://support.microsoft.com/en-us/topic/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system-files-79aa86cb-ca52-166a-92a3-966e85d4094e

  2. Disable Remote Desktop (if you are not on Windows Home): 
    - type “remote settings” into the Cortana search box. 
    - open Remote Desktop properties.
    - disable "Enable Remote Desktop". You've now disabled remote access to your computer.
  3. Use the following set of instructions to secure your router and Wi-Fi network: 
    https://support.kaspersky.com/common/windows/12779
  4. Use System Configuration and Task Manager to disable unknown services (make sure to leave Microsoft services enabled), and remove unfamiliar applications from startup. 
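
The steps in the post above, written out as commands for an elevated PowerShell prompt. This is an added example, not part of the original reply; the `sfc` and `DISM` invocations are the ones the linked Microsoft article describes, the service names (`wscsvc`, `SecurityHealthService`, `mpssvc`) are the standard Windows ones for Security Center, Windows Security Service and the firewall, and the router step is omitted because it is not done on the PC.

```powershell
#Requires -RunAsAdministrator
# Added example: repair, then check what the poster reported missing.

# System file repair: restore the component store first, then verify system files against it.
DISM.exe /Online /Cleanup-Image /RestoreHealth
sfc.exe /scannow

# Security Center, Windows Security Service, Windows Defender Firewall.
# "MISSING" means the service registration itself is gone, not merely stopped.
foreach ($name in 'wscsvc', 'SecurityHealthService', 'mpssvc') {
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'"
    if ($svc) { '{0,-22} {1,-8} StartMode={2}' -f $name, $svc.State, $svc.StartMode }
    else      { '{0,-22} MISSING' -f $name }
}

# Remote Desktop: fDenyTSConnections = 1 makes the system refuse RDP connections.
$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
Set-ItemProperty -Path $ts -Name fDenyTSConnections -Value 1
"RDP denied: $((Get-ItemProperty -Path $ts).fDenyTSConnections -eq 1)"

# Unknown services and startup entries (report only, nothing is disabled here):
# list anything launched from a user profile, which is where the thread's
# ScreanDriver.exe was running from. Review hits by hand, because legitimate
# per-user applications also start from AppData.
$inProfile = '\\Users\\[^\\]+\\AppData\\|%APPDATA%|%LOCALAPPDATA%'

Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -match $inProfile } |
    Format-List Name, State, StartMode, PathName

Get-CimInstance -ClassName Win32_StartupCommand |
    Where-Object { $_.Command -match $inProfile } |
    Format-List Name, Location, User, Command
```

A `MISSING` result for `wscsvc` or `SecurityHealthService` after both repair commands complete matches the symptom described in the thread, an empty "Security at a glance" page.
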
Posted

Hi @KoelMeester ,

  1. In the case of a corrupted system you may try to restore the system with the sfc/dism command combination; please check out this instruction from Microsoft support:

https://support.microsoft.com/en-us/topic/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system-files-79aa86cb-ca52-166a-92a3-966e85d4094e

Thanks again for your response and recommendations. Everything here seems to be in order. I’ve tried this process numerous times without solving the issue. The hackers know about this operation and must have infected this too. It doesn't bring back the security center or security at a glance. So they’ve outsmarted Microsoft again. Microsoft’s repair functions don't fix the problem.

Microsoft needs better security programmers.

I really don't want to reinstall Windows. Everything can be replaced but I don't have uncapped internet and I already wasted about 25 hours on this issue. None of the decryption methods work and the videos on YouTube about the hoop virus basically only helped to get rid of the majority of malware the manual way.

Right now I put all my trust in Kaspersky. The question is how well is my system protected without these Windows security center and services? Can Kaspersky handle everything by itself?

The scary part is that the hackers are here in this lobby. They follow all the drama to outsmart the countermeasures to improve their evil methods.

Posted

Hi @KoelMeester , 

Right now I put all my trust in Kaspersky. The question is how well is my system protected without these Windows security center and services? Can Kaspersky handle everything by itself?

From my personal point of view, yes, Kaspersky Total Security provides virus & threat protection, firewall & network protection, and app & browser control. Your system is well protected, no doubt.

An option for you to consider is Windows refresh:

“Refresh your PC to reinstall Windows and keep your personal files and settings. Refresh also keeps the apps that came with your PC and the apps you installed from the Microsoft Store.”

https://support.microsoft.com/en-us/windows/how-to-refresh-reset-or-restore-your-pc-51391d9a-eb0a-84a7-69e4-c2c1fbceb8dd

You will have to reinstall the applications that were installed not from Microsoft Store. But the system should get back to its original state. 

 

This topic is now closed to further replies.

