kryptik.gs trojan and infected autorun.inf

Discussion in 'ESET NOD32 Antivirus' started by Prodigy146, Feb 17, 2009.

Thread Status:
Not open for further replies.
  1. Prodigy146

    Prodigy146 Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    1
    Using Windows Xp SP3, i've never had a virus infection until now.

    Basically my computer has a longer boot time, changed font, not allowed to click c: drive in my computer, comes up with a message
    C:\RECYCLER\S-7-9-31-100009765-100012854-100020469-6288.com is not found
    for me to access my files in the c: i just type c: in explorer. also i constantly get redirected to other sites (even after virus scan and clean up) and every anti virus program i've tried doesnt update. only nod32 is totally up to date.

    EDIT: Internet Explorer 6 does not work, i get a system beep and computer locks up when i launch it , when i try to download 7 or 8 in firefox it says interference with connection to server. windows update also does not work


    My first scan had 52 infected files, here are the places there infecting:

    C:\Documents and Settings\Administrator\Local Settings\Temp\tmp11C.tmp - a variant of Win32/Kryptik.GS trojan - cleaned by deleting - quarantined [1] (Over 25 temp files infected)

    C:\RECYCLER\S-7-9-31-100009765-100012854-100020469-6288.com - a variant of Win32/Kryptik.GS trojan - cleaned by deleting - quarantined [1] (still exists in autorun.inf eset cant clean or isolate it)

    C:\WINDOWS\Temp\121140.tmp - a variant of Win32/Kryptik.GS trojan - cleaned by deleting - quarantined [1]
    (Over 27 infected temp files)

    my second scan there was 2 infected temp files in windows\temp still and it required reboot.

    My autorun.inf file has this in it:
    [autorun]
    ;jqufhbeivcxzoimtdgxfueazqbudehfpnvmznnuiioadhpdtkztttwowjcvwymlqmxucclrqiahapqzpjq
    shellexecute="RECYCLER\S-7-2-69-100002032-100019990-100001046-8954.com c:\"
    ;ehwxdztsrdjfeglcqxghdscjckkhduxpekj
    shell\Open\command="RECYCLER\S-7-2-69-100002032-100019990-100001046-8954.com c:\"
    ;amxfxnzblpiwzbtzlnfwntwuqsfxrmjgkolsonueiayawjdeknufjmcvmxtqqgj
    shell=Open


    My autorun.inf file for my dvd drive is also corrupted, my windows xp discs dont boot up anymore. i cant reformat

    Any ideas?
     
    Last edited: Feb 17, 2009
  2. Rmuffler

    Rmuffler Former Eset Moderator

    Joined:
    Jun 26, 2008
    Posts:
    995
    Location:
    San Diego, CA USA
    Hello Prodigy146,

    Our team of Support Engineers can help you with this. Please contact us at http://www.eset.com/support/contact.php

    or at

    Toll Free. +1 (866) 343-ESET [3738]
    Tel. +1 (619) 876-5400

    Thank you,
    Richard
     
Thread Status:
Not open for further replies.