Win32/Crytor HELP

View previous topic View next topic Go down

Win32/Crytor HELP

Post by deathman444 on 31st March 2009, 12:08 am

Hi, my AVG detected 2 win32/cryptor virus about 1 week ago...and i tried to remove it using AVG but it said "operation intercrupted by user". So i left it there seing its not changing my computer/internet in anyways. Then yesterday i search on google on how to remove it, and someone told me to download Malwarebytes Anti-Malware. I did that and found about 6 viruses (didnt read/look wat they are....), then i selected them and removed them and restarted my computer...then i started the internet again and AVG still detect the 2 win32/cryptor. Can you help please?

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 31st March 2009, 12:29 am

Yes, we can.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 31st March 2009, 5:26 pm

Now my DHCP is not working....
it said program caused DHCP client to stop working....how can i fix that?

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 31st March 2009, 5:27 pm

The rootkit is blocking internet access. Do you have another machine to use + a USB memory stick to transfer stuff over to and from?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 31st March 2009, 9:38 pm

im using computers at my school right now...but i dont have a USB

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 31st March 2009, 9:39 pm

Can you write to CD? we can burn a few tools to use all at once and then run them when we need them.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 31st March 2009, 9:52 pm

dam...i dont have a CD eiter

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 31st March 2009, 9:54 pm

Well looks like you'll need to get your hands on an external drive, because without tools, there isn't much I can do from here.

You can try resetting the winsock to see if it helps connection any.
Go to Start > Run. In the Run box, type in:
netsh winsock reset
Press enter and reboot normally.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 1st April 2009, 6:06 pm

ok i'll try that....is there anything else i can try?

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 1st April 2009, 6:14 pm

Nope, unfortunately.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 1st April 2009, 6:32 pm

well i might come to my friend's house and get a disc.....u wanna post the programs that i need? so i can burn it when i get 1

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 1st April 2009, 6:38 pm

Hello.
Okay, here are the four tools we might need to use.

Do not use them on your own, because they are too dangerous if used incorrectly.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

For starters, install both Hijack This and MBAM.
Don't use MBAM yet, just run Hijack This and get a log and we'll see how things go from there.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 1st April 2009, 11:02 pm

well i got my old computer to work....
and the thing you told me to do before....
Start>run>something....
it said the action require elevation...
idk wat that is

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 1st April 2009, 11:05 pm

Hello.
Ah, you didn't tell me this was a Vista OS. The Run box/cmd require elavated privileges.

But if you can get the machine to boot now/internet access, then skip the Run command do install Hijack This.
Install and run a system scan and save a log file. Post the log file back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 1st April 2009, 11:10 pm

i meant the older computer....not the infected computer, but the computer that i was about to throw away because its super old.

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 1st April 2009, 11:12 pm

Oh. Is the old machine able to write to CD's?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 1st April 2009, 11:18 pm

it probally can but i dont have CDs =/.....ill keep searching my house for CDs

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 1st April 2009, 11:29 pm

can i still burn programs into a disc that already has stuff in it?

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 1st April 2009, 11:53 pm

No, that would mean the disc has to be RE-writable.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 4th April 2009, 2:44 am

ok, super bad news.....i just installed hijackthis and scanned for a log, now my the window wont start.....it started up, then i had a black screen. So i restarted the computer, then it ask if i want to go into safe mode, which i did....it frozed while it was loading the win32 stuff....

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 4th April 2009, 1:37 pm

Reboot it again.
Start tapping the F8 key after the beep to access the advanced boot menu.
Boot from "Last known good configuration"

Can you boot now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 4th April 2009, 9:09 pm

nope, its still the same.

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 4th April 2009, 9:18 pm

Darn.
Unless you can get access to a CD writer, there isn't much I can do.

If we can get a CD writer, we can boot to Avira's rescue disc.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by deathman444 on 6th April 2009, 4:27 pm

i do have a CD writer,

deathman444
Novice
Novice

Posts Posts : 16
Joined Joined : 2009-03-31
OS OS : vista
Points Points : 28112
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/Crytor HELP

Post by Belahzur on 6th April 2009, 4:30 pm

Okay.
Read this article and guide, the Avira boot disc link is at the bottom of the article.

[You must be registered and logged in to see this link.]

Everything you need to do this is there in the article. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum