My cryptor solution

Post new topic   Reply to topic

View previous topic View next topic Go down

My cryptor solution

Post by dsuel1 on 13th May 2009, 6:40 am

Im not sure if posting a solution as a thread here is allowed, i skimmed the rules but didnt see anything saying no. SO sorry if this is in violation i sincerly apologize. ( all i saw was no posting in other members threads unless aproved staff)

Anyways, i was called over to a friends house who had been recently infected with the new cryptor.

I was able to stop it, and get rid of everything. As following are system spec and what i did. Hope it helps you out.

Windows XP service pack 3;

First thing i noticed, was there was a program named WinPC trying to get you to "purchase" its anivirus as it has found 13 threats on your computer. Now, this MAY or may not be part of cryptor, not sure, as no one else has mentioned this.

Secondly, all links from google, yahoo etc would be automaticly redirected to some ad revenue site. As well as when i tried to scan/install ANYTHING to do with antivirus, (EX/ kaspersky, avg, malwarebytes etc) it would lock up, and say its an attacker. Anything that was already installed, would simply lock of and freeze the computer when i would scan (lock up after roughly 50%... once it hit temp internet files OR system32 files.)

After playing with avenger and malwarebytes, with no luck (would either not let me open it, or would reboot the computer automaticly before anything could be done) I booted in safe mode with networking (im sure plain ol safe mode would do the trick too) and installed malwarebytes.

NOTE!>>>>>> After doing some searching i noticed malwarebytes (the update on may8th 2009) seemed to be helping people out keeping the virus at bay. After doing a QUICK scan in safe mode, it found 42 items, and with ease removed them. It then asked i reboot to remove the rest (which it didnt specify what).

Upon reboot i noticed WinPC was gone, and google etc seemed to be working fine.

Lastly, i went into my system folders, and got rid of all UCA----------- files. and rebooted one last time.

After all was said and done i tried search my registry, system, and ran my virus scans over once more. and to my delight found nothing. and all seems to be running well. (Hijackthis log seems to be clean as far as i can see too)

CONCLUSION > From what i understand malwarebytes has cracked this virus, you just need to boot in safe mode to ensure the virus doesnt lock you out and play its games.

So to all of you that are still fighting with this virus, try to simply scan with malwarebytes (or from what i have read very recently AVG Free) from safe mode, And let me know how it goes.

Solved for me on may.12/2009 10:32pm

(Fun fact... in the registry, before malwarebytes removed it, i found the following entry.. "Created by N!ghtW!sh, f***ing you since 2000 month 02. Kreator of the best f***ing viri in the world. Cryptor V3 Rogue Edition, spawned from hell on apr 19/09)

dsuel1
Beginner
Beginner

Posts Posts : 3
Joined Joined : 2009-05-13
OS OS : XP
Points Points : 27667
# Likes # Likes : 0

View user profile

Back to top Go down

Re: My cryptor solution

Post by Belahzur on 13th May 2009, 11:48 am

I will allow this to stay since you did not link to any of our tools.

The tools we use are extremely powerful, and extremely dangerous, that's why we include warnings that running these without someone watching over you could leave your machine badly damaged.


@RealBelahzur - [Prework] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: My cryptor solution

Post by dsuel1 on 14th May 2009, 2:07 am

fair enough. I tend not to give people information on forums, if its anything to do with (critical) drivers, registry, or any other alterations, as i have seen some bad cases of misunderstanding and (for example) not being able to boot. rendering the computer useless to anyone who doesnt have much knowledge about it. I prefer being there, or at the least a live chat program.(preferably with some kind of remote assistance)

Again I apologise, for just throwing this up without first asking.

dsuel1
Beginner
Beginner

Posts Posts : 3
Joined Joined : 2009-05-13
OS OS : XP
Points Points : 27667
# Likes # Likes : 0

View user profile

Back to top Go down

Re: My cryptor solution

Post by Belahzur on 14th May 2009, 8:48 am

I wasn't telling you off, I'm just trying to prevent an accident should someone follow your instructions. Wink


@RealBelahzur - [Prework] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

Post new topic   Reply to topic
 
Permissions in this forum:
You can reply to topics in this forum