I Can't Remove Virus (Win32/Crypt.Exe)

Status
Not open for further replies.
ComputerNo0b

ComputerNo0b

Posts: 25   +0
I can't remove the virus stated in the title.
I tried KillerBox but i can't seem to run it.
This is the message that appeared when i tried to remove it.
"This application has failed to start because MSVBVM60.DLL was not found. Re-installing the application may fix this problem."
I downloaded KillerBox alot of times but i just can't seem to run it.
I keep on seeing that AVG Antivirus has found the virus and i move it into the virus vault, but there are endless amounts of them. I tried SpyCatcher, Windows Defender and Ad-Aware but none of them seem to work.
It is very annoying and i wish to stop this as soon as possible.
[Edit] I am also unable to download HijackThis as it also displays the same error message.
 
Hi ComputerNo0b and welcome to TechSpot. :wave:

You need to have a read of this - If your system is infected. Read this before deciding whether to CLEAN or REFORMAT.

Please download FindAWF to your Desktop.
Double-click FindAWF.exe to start the tool.
Select "option #1 - Scan for bak folders" by typing 1 and press Enter
When the tool has completed, a report will open up in notepad. Please post the results of the awf.txt as an attachment.
Please post the result of this scan before proceeding.

If you encounter problems, go straight to step 3 in the link below and run an online virus scan.

Then you need to go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, Combofix, and AVG Antispyware logs as ATTACHMENTS into this thread, only after doing the above.


This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I can't find the dslreports links in the CLEAN or REFORMAT thread.
It's taking so long to search..
Btw, Hi rik.

Finally. FindAWF completed searching.
[edit] I attached the document.
Btw, There's some kind of buzzing noise in my computer. Is it a problem?
 

Attachments

  • awf.txt
    280 bytes · Views: 5
Your awf log is clean. You need to do as much of the other scans as you possibly can.

If the links wont work for you. Go to http://housecall.trendmicro.com/ and do an online scan.


This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Trend Micro said that my internet connection was very slow. :mad: It IS very slow.. It's almost 7pm here in Singapore and i hafta go eat soon.. Mum is hopping mad and i don't know what to do. I'm worried for the computer...
[Edit] I was looking at AVG Antispyware's scan log when i saw that ALL of the "Infected" files were just tracking cookies.
PS: I'm doing a quick scan.
 
If you are sure that it is a virus problem that you have then you will need to persevere with the online scan.


This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I think this is where the virus is "hiding".
AVG's virus vault showed me this.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Comtent.IE5\VH2P50K0\ps19[1].exe
[edit] Your words gave me strenght! (puts on 'Victory' headband)
Just joking.. i'm gonna go bathe now.
 
Within internet explorer, click on Tools then Internet Options, then Temporary Internet Files, Delete Files and see if that helps.

It will clear all your tempory internet files so it may take a while to visit previously visited sites for the first time.



This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
rik said:
Post fresh HJT, Combofix, and AVG Antispyware logs as ATTACHMENTS into this thread, only after doing the above.
Click to expand...

That is not an ATTACHMENT.


This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Your avg log says "no action taken". You need to get it to delete all entries.

I now need the rest of the requested logs.



This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
The links for the dslreports are working fine, I`ve just checked.

Forget the panda online scan if you`re having problems and continue with the rest of the instructions.

Then, post the requested log files as well as the results of the Panda Antirootkit scan.

Regards Howard :)

This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I found something in my AVG's scan.
It was the file sent to me!
image07.zip and image09.zip.
and ps[1].exe.
image 07 and 09 are trojan horse IRC/BackDoor.SdBot3.
ps[1].exe is the virus! Win32/CryptExe.

Should I delete all the files in C:\Compaq_Owner\Local Settings\Temp ?
I found the virus zip folder inside it.
 
Wow. I deleted 2212 items at one go.
WAIT! i can't delete fnm100, it's being used by another computer or program.
It's giving me this message.
"Cannot delete fnm100: it is being used by another computer or program.

Close any programs that might be using the file and try again."

The files i deleted RESTORED THEMSELVES!
I refreshed it.
Then all the files came back!
 
Don`t worry too much about that at the moment.

Just, follow the instructions, then post the 3 requested log files as well as the Panda Antirootkit scan results.

Regards Howard :)

This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I can't download HijackThis.
This is the message that appeared when i tried to remove it.
"This application has failed to start because MSVBVM60.DLL was not found. Re-installing the application may fix this problem."
I downloaded KillerBox alot of times but i just can't seem to run it.
I keep on seeing that AVG Antivirus has found the virus and i move it into the virus vault, but there are endless amounts of them. I tried SpyCatcher, Windows Defender and Ad-Aware but none of them seem to work.
It is very annoying and i wish to stop this as soon as possible.
[Edit] I am also unable to download HijackThis as it also displays the same error message.
Click to expand...
Bringing
Up
My
Post.

I'm going to run Combofix now.
 
If your system is so badly infected that you can`t follow the instructions, then it seems like you don`t have much choice but to re-format.

Sorry, but we can`t help you without seeing the requested logfiles.

Regards Howard :)

This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
It does that to me as well. I use FF as my default browser and after running Combofix, it always changes mu default browser back to IE.

Plus, if it detects infection within your browser, it has to change it in order to get rid of the infections.

This thread is now at 23 posts long and is getting us nowhere.

Unless you are able to post the log files, You really need to consider a format. It really is that simple.

Edit: Please stop making multiple posts. If you forget anything, you should use the edit button, rather than making a new post, when there are no other replies in between.

Regards Howard :)

This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Okay. I'll take note of that. Here's the ComboFix log.
`Going to scan with antirootkit now.
-It said no rootkits were found.
[edited]
 
1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh HJT, Combofix and AVG Antispyware log.

I also want to know the results of the Panda Antirootkit scan.

Regards Howard :)

This thread is for the use of ComputerNo0b only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I don't know what happened. After the 1st restart, i logged in again but suddenly, the computer restarted itself again.
PS:I really don't know what happened.
Would a Full System Restore help the computer to restore it's original factory settings without harbouring any viruses?
 
Status
Not open for further replies.

Similar threads

M
Virus warning popup
Replies
1
Views
544
Mark Fuller
M
Jess_123
My num pad + doesn't work ...
Replies
0
Views
284
Jess_123
Jess_123
AGenericFool
Help - Valid Windows 10 Licenses deactivate after two days?!
Replies
1
Views
322
Nelson28
N

Latest posts

Back