kryptik.gs trojan and infected autorun.inf

Discussion in 'ESET NOD32 Antivirus' started by Prodigy146, Feb 17, 2009.

Thread Status:
Not open for further replies.
  1. Prodigy146

    Prodigy146 Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    1
    Using Windows Xp SP3, i've never had a virus infection until now.

    Basically my computer has a longer boot time, changed font, not allowed to click c: drive in my computer, comes up with a message
    C:\RECYCLER\S-7-9-31-100009765-100012854-100020469-6288.com is not found
    for me to access my files in the c: i just type c: in explorer. also i constantly get redirected to other sites (even after virus scan and clean up) and every anti virus program i've tried doesnt update. only nod32 is totally up to date.

    EDIT: Internet Explorer 6 does not work, i get a system beep and computer locks up when i launch it , when i try to download 7 or 8 in firefox it says interference with connection to server. windows update also does not work


    My first scan had 52 infected files, here are the places there infecting:

    C:\Documents and Settings\Administrator\Local Settings\Temp\tmp11C.tmp - a variant of Win32/Kryptik.GS trojan - cleaned by deleting - quarantined [1] (Over 25 temp files infected)

    C:\RECYCLER\S-7-9-31-100009765-100012854-100020469-6288.com - a variant of Win32/Kryptik.GS trojan - cleaned by deleting - quarantined [1] (still exists in autorun.inf eset cant clean or isolate it)

    C:\WINDOWS\Temp\121140.tmp - a variant of Win32/Kryptik.GS trojan - cleaned by deleting - quarantined [1]
    (Over 27 infected temp files)

    my second scan there was 2 infected temp files in windows\temp still and it required reboot.

    My autorun.inf file has this in it:
    [autorun]
    ;jqufhbeivcxzoimtdgxfueazqbudehfpnvmznnuiioadhpdtkztttwowjcvwymlqmxucclrqiahapqzpjq
    shellexecute="RECYCLER\S-7-2-69-100002032-100019990-100001046-8954.com c:\"
    ;ehwxdztsrdjfeglcqxghdscjckkhduxpekj
    shell\Open\command="RECYCLER\S-7-2-69-100002032-100019990-100001046-8954.com c:\"
    ;amxfxnzblpiwzbtzlnfwntwuqsfxrmjgkolsonueiayawjdeknufjmcvmxtqqgj
    shell=Open


    My autorun.inf file for my dvd drive is also corrupted, my windows xp discs dont boot up anymore. i cant reformat

    Any ideas?
     
    Last edited: Feb 17, 2009
    Prodigy146, Feb 17, 2009
    #1
  2. Rmuffler

    Rmuffler Former Eset Moderator

    Joined:
    Jun 26, 2008
    Posts:
    1,000
    Location:
    Bismarck, ND USA
    Hello Prodigy146,

    Our team of Support Engineers can help you with this. Please contact us at http://www.eset.com/support/contact.php

    or at

    Toll Free. +1 (866) 343-ESET [3738]
    Tel. +1 (619) 876-5400

    Thank you,
    Richard
     
    Rmuffler, Feb 17, 2009
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...