Trojan Horse Crypt.FIC

Status
Not open for further replies.
Hi. Forum newbie - first time poster.

Bought a new laptop a few weeks back, Sony Vaio, FGN-FW41M running Windows Vista Premium Home. I have AVG version 8.5.387. I got a virus alert last week, "Trojan Horse Crypt.FIC". AVG failed to remove it. I suspected it may be a false alarm but didn't want to take the chance.

Hence I followed the eight steps. Please advise if it was a false alarm and if not is there any residue infection/malware/spyware on my machine?

Cheers,

Paul
 

Attachments

  • SUPERAntiSpyware Scan Log - 07-11-2009 - 18-39-53.log
No, you haven't done anything wrong.

There are only a few malware helpers and they are generally rather busy. Your thread may have just been overlooked.

Be patient, help will be on its way
 
Hi,

After the Malwarebytes scan was complete, you didn't take any action (-> No action taken.)
• Open Malwarebytes, go in Quarantine and select >>>>>> [Delete All].

Because this Malwarebytes scan was done a few days ago:
• Start another [Quick Scan] and after it, select >>>>> [Remove Selection].
If some infection appears in the report, post it.

No infection in your HijackThis report!

Optimization
Many of the following lines proposed for fixing are there to improve the performance of your PC.
The O4 lines are processes that start automatically when the PC starts.
Some of these processes don't need to start that way.
And some others can have a shortcut on the desktop, to be launched by double-click when the user needs them.

Open HijackThis
• Select [Do a system scan only],
• Close Internet Explorer and all other apps,
• Put a check mark in front of each of the following lines,
• And press [Fix Checked].

Fix it.
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

As you want - Touchpad software for laptop PC's. For instance it is found on the Panasonic machines and allows part of the touchpad to be used for document or Web-page scrolling. Required for proper functioning of the pointing software but not required for the laptop to wor
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

Fix it.
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

As you want - If you choose to fix some, you can create a shortcut on your desktop.
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

Fix it.
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

It's up to you - NetGear Wireless LAN configuration utility for the MA311 802.11b
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"

Fix it.
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

As you want - Related to tray_bar_process for the Microsoft Media Center.
It gives you easy access to the digital media manager.

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

As you want.
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H

Fix it.
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
  • Restart the computer.
_______________________________________________________________________________________

Optimization too
• Open Command Prompt (Start Menu --> All Programs --> Accessories) with a right-click and select "Run As Administrator",
• Copy/paste the following lines into the shell and press <Enter> (for each line):
sc config "Apple Mobile Device" start= demand
sc config "FLEXnet Licensing Service" start= demand
sc config IDriverT start= demand
sc config "iPod Service" start= demand
sc config PnkBstrA start= demand
sc config PnkBstrB start= demand
_______________________________________________________________________________________


With AVG8 (includes antispyware) you could disable real-time protection of Windows Defender.
And use it for an occasional scan.

These toolbars are usually not used.
As you want - You can uninstall them, this will improve performance of your PC.
- Google Toolbar
- Yahoo! Toolbar
  • Post another hijackthis report.
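
Added example (not part of the original posts): a Python script showing how the `sc config ... start= demand` lines in the reply above follow from the O23 lines of the HijackThis report. It assumes the O23 layout `Service: Display Name (KeyName) - Owner - Path`, with the parenthesised key name present only when it differs from the display name, and that display names contain no " - "; `parse_o23`, `sc_demand` and `review` are hypothetical helper names.

```python
import re

# Constructed sample: report lines as quoted in the reply above.
SAMPLE = r"""
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
"""

O23 = re.compile(r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+)$")
SHORT = re.compile(r"^(?P<display>.+) \((?P<key>[^()]+)\)$")

def parse_o23(line):
    """Return a dict for an O23 service line, or None for any other line."""
    m = O23.match(line.strip())
    if not m:
        return None
    name = m["name"]
    s = SHORT.match(name)
    # Assumption: "Display Name (KeyName)" means the service key name differs
    # from the display name; otherwise the single name serves as both.
    key = s["key"] if s else name
    display = s["display"] if s else name
    return {"key": key, "display": display, "owner": m["owner"], "path": m["path"]}

def sc_demand(key):
    """Build the sc line that switches a service to manual (demand) start."""
    quoted = f'"{key}"' if " " in key else key
    return f"sc config {quoted} start= demand"  # the space after '=' is required by sc

def review(report):
    """Return (command, note) pairs for every O23 service in the report."""
    out = []
    for line in report.splitlines():
        svc = parse_o23(line)
        if svc is None:
            continue  # O4 and other sections are not services
        note = ""
        if svc["owner"] == "Unknown owner":
            note = "report shows no owner: confirm what " + svc["path"] + " is"
        out.append((sc_demand(svc["key"]), note))
    return out

if __name__ == "__main__":
    for cmd, note in review(SAMPLE):
        print(cmd + ("   <- " + note if note else ""))
```
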
 
thanks

Thanks a million Cosmido. I will get busy tonight and tidy things up and report back if I have any problems.

Cheers
 