win32/cryptor

View previous topic View next topic Go down

win32/cryptor

Post by eddiehgeek on Tue Apr 21, 2009 11:31 pm

i have this virus. I ran the avg and it detected but did not remove. i updated the avg and ran in safe mode. detected and moved infected files to virus vault and still infected. installed MalWareBot and it dected the virus and deleted it. still there. downloded the malwarebytes and installed. it will not start. when i click on icon the hourglass comes on for a few seconds then goes ff. nothing happens. i go to taskmanager and the task is in the processes but not in the tasks.

eddiehgeek
Beginner
Beginner

Status :
Online
Offline

Posts : 2
Joined : 2009-04-21
OS : xp

View user profile

Back to top Go down

Re: win32/cryptor

Post by Belahzur on Wed Apr 22, 2009 12:34 am

1. Please download The Avenger by Swandog46 to your Desktop
Link: [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].

  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop

Note: This tool was posted specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.[/color][/b][/i]

2. Now, start The Avenger program by clicking on its icon on your desktop.

  • Leave the script box empty.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avengerís actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
3. Please copy/paste the content of c:\avenger.txt into your reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: win32/cryptor

Post by eddiehgeek on Wed Apr 22, 2009 5:45 pm

ran avenger and the units freezes during index checking and restarts the cycle

eddiehgeek
Beginner
Beginner

Status :
Online
Offline

Posts : 2
Joined : 2009-04-21
OS : xp

View user profile

Back to top Go down

Re: win32/cryptor

Post by Belahzur on Wed Apr 22, 2009 5:57 pm

Lets start with the basics.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum