Win32/ Cryptor removal solution -- ComboFix

  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Like a lot of people recently, I was handed another computer yesterday that had Personal Antivirus installed on it. I've found I can usually nix that pretty easily running only Spybot S&D and Malwarebytes in safemode. But this time I've been banging my head against a wall all morning, because except for a safemode AVG scan, I couldn't get a single malware scanning utility to run. I mean nothing. Fortunately, AVG identified Win32 / Cryptor, so I at least new what I was looking for.

Basically it's a rootkit virus, that inherently disables most anti-malware programs from running or even installing.

Fortunately, I finally found this post, by my "supermoderator" peer at geekpolice forums.
http://www.geekpolice.net/virus-spyware ... .htm#84546

I don't normally like to try new programs like that that I've never heard of before, but I saw he's been there as long as I've been here with almost as many posts, so I decided what the heck, I'm going to try this ComboFix program.

It worked, and not only worked well, it worked perfectly. 10 hours I've been messing with this machine, and in a half hour have the thing back, running and malware free. Not to mention my other programs now run.

Here is a good guide and tutorial page with links to download the program, but I had to follow Belhazur's advice to rename the program as instructed in his post. (oh, btw this crazy virus also disabled running programs from the CD drive.) I actually had to map a network drive to get Combofix to install. I had burned it to CD but no go on the install.)



http://www.bleepingcomputer.com/combofi ... e-combofix
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • grinch2171
  • Moderator
  • Genius
  • User avatar
  • Posts: 6807
  • Loc: Martinsburg, WV

Post 3+ Months Ago

I've used ComboFix once to remove a particular nasty virus. It has been around for a while.

Post Information

  • Total Posts in this topic: 2 posts
  • Users browsing this forum: No registered users and 54 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.