Kryptik.AB trojan

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Forgive me for using Google Groups, main PC is infected with above
trojan, and I have removed it from my network.

NOD32 has identified this virus on PC and has cleaned most instances
of it apart from 1 which is resident in system memory.

"a variant of Win32/Kryptik.AB trojan found in operating memory. The
file can be deleted. It is strongly recommended that you back up any
crucial data before you proceed. No action can be taken while the file
is in memory. Click "Leave" to continue and subsequently run the
cleaning of all local disks. System memory infection originated from
file C:\windows\system32\qoMdDusT.dll."

I don't have the option of deleting it.  I cannot delete "C:\windows
\system32\qoMdDusT.dll" either even using Unlocker.

Is there any tool that will clean this , maybe something that installs
on a USB flash disk and I can boot from should do the disk.

TIA


Re: Kryptik.AB trojan

In article <0ae96251-badb-4737-a37d-8b1ecec9e668
@r37g2000prr.googlegroups.com>, rodmac@gmail.com says...
Quoted text here. Click to load it
These sites are for downloading Anti-Malware and Anti-Spyware tools, in
order that I would use them myself:

Dave Lipman's tools:
Download MULTI_AV.EXE from the URL --
(this is a non-english site, but it's a great tool)
http://www.pctipp.ch/downloads/dl/35905.asp

MalwareBytes Anti-Malware
From http://www.bleepingcomputer.com /
http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Kryptik.AB trojan

Eednud wrote:
Quoted text here. Click to load it

The portable version of FA might do it
http://www.malwarebytes.org/FA_Portable.zip

Re: Kryptik.AB trojan


| Forgive me for using Google Groups, main PC is infected with above
| trojan, and I have removed it from my network.

| NOD32 has identified this virus on PC and has cleaned most instances
| of it apart from 1 which is resident in system memory.

| "a variant of Win32/Kryptik.AB trojan found in operating memory. The
| file can be deleted. It is strongly recommended that you back up any
| crucial data before you proceed. No action can be taken while the file
| is in memory. Click "Leave" to continue and subsequently run the
| cleaning of all local disks. System memory infection originated from
| file C:\windows\system32\qoMdDusT.dll."

| I don't have the option of deleting it.  I cannot delete "C:\windows
| \system32\qoMdDusT.dll" either even using Unlocker.

| Is there any tool that will clean this , maybe something that installs
| on a USB flash disk and I can boot from should do the disk.

| TIA


Boot into the Windows Revery Console.
There you will be able to rename or delete %windir%\system32\qoMdDusT.dll

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Site Timeline