Polycrypt.b Problem

Discussion in 'ewido anti-spyware forum' started by hkedi, May 24, 2007.

Thread Status:
Not open for further replies.
  1. hkedi

    hkedi Registered Member

    Joined:
    May 24, 2007
    Posts:
    5
    Hello everyone, I am new here.
    I am a user of NOD32 anti virus and AVG anti spyware.
    Recently my PC has been affected by a malware named Trojan.PolyCrypt.b.
    My NOD32 has been updated; however, it cannot scan out this malware, while my AVG can only scan it out as a file under the System Volume Information of my C drive.
    Here is the problem: since only one file is detected, I first tried to delete it, and of course that did not work; after a reboot it came back again. So I quarantined it and tried to use my PC normally again.
    However, a few days later it became another file in System Volume Information and my PC runs weird again.
    I tried to find solutions on the internet, but it seems there is no help at all. Therefore I came here, and I hope someone can help me delete this malware.
    Thank you!:)
     
  2. ASpace

    ASpace Guest

    I would then recommend that you contact ESET Technical Support for further help.

    Include as many details as possible: exact file names and locations, a link to this thread and other appropriate things.
     
  3. karl.ewido

    karl.ewido former ewido team

    Joined:
    Dec 9, 2005
    Posts:
    236
    Location:
    Germany
  4. hkedi

    hkedi Registered Member

    Joined:
    May 24, 2007
    Posts:
    5
    Sorry, maybe my English is bad.
    Let me explain it one more time.
    My NOD32 has been updated and IT CANNOT SCAN OUT ANY VIRUS OR MALWARE on my PC.
    My AVG anti-spyware can scan it out; it is a file inside my System Volume Information.
    I tried to delete it, but it appears again after I reboot my PC.
    The problem is that when my internet is on, there will suddenly be thousands of pop-ups and my programs will open randomly
    (for example, Microsoft Word, Excel, anti-virus).
    And there was even one time that my NOD32 was uninstalled and I did not know it.

    I will send the file to Ewido soon, and thanks for replying to my post :)
     
  5. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    PolyCrypt....isn't that a dependent packer detection? o_O

    The best way to delete this thing forever is to disable System Restore and enable it again. See below:

    http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VNAME=Disabling/Enabling System Restore
     
  6. hkedi

    hkedi Registered Member

    Joined:
    May 24, 2007
    Posts:
    5
  7. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    No, since the malware was in your System Volume Information folder, you should just disable System Restore, which will delete all restore points. Then run another scan with your AV/AS and you should be clean.
     