Jump to content

Recommended Posts

Forbes online posted the following on 6-28: "concerned users should check whether their computer is already infected, and if so, if the ransomware is not yet running. To do this, look for two "rundll32.exe" files running in the Windows Task Manager. If they're present, power off the PC and do not turn it back on again. Reinstalling Windows will then remove NotPetya."

I have those two files running. I am using Malware Bytes Premium 3.0.6. Am I protected or should I reinstall Windows as suggested?

Link to post
Share on other sites

The information provided in this article is way too generic to identify NotPetya. It's basically saying "if you see a rundll32.exe process running, you're done for it". rundll32.exe is a legitimate Windows process and multiple instances can run on a normal system, it does not mean that you're infected. Honestly, I wouldn't trust any information coming from websites that aren't an "authority" in InfoSec when it comes to information security. Blogs from Antivirus vendors, security product vendors, independant (recognized) malware researchers, etc. can, but not Forbes, The Washington Post, etc.

Follow the instructions below and provide me both the FRST.txt and Addition.txt logs so I can confirm it.

https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/

 

Link to post
Share on other sites

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.