How to Remove Win32/cryptor ?

May 27, 2009 at 09:24:06
Specs: Windows XP, 1 GH / 256 MB
I have recently found Win32/cryptor virus in my
PC which is detected by AVG Free 8.5 but not
removed permanently. I have scanned my PC
by mbam, MS Windows Defender and True
Sword Anti Spyware but they all didn't detect
any virus. Now tell me what i should have to do
for removing this virus. I have my hijack and combofix log too. If you say I will posted it later.

Qasim Ali

See More: How to Remove Win32/cryptor ?

Report •

May 27, 2009 at 09:49:02
Upload these logs to rapidshare and post a link:
AVG scan log
combofix log
NEW recent hijackthis log

To Private Message me Click Here

Report •

May 27, 2009 at 12:04:29
Hi, neoark!

I didn't scan my PC with AVG myself own, AVG itself own
detects virus and give alert again and again. So I have not
AVG's log file.

Here is Combofix Link:

Here is Hijackthis Link:

Here is Mbam Link:

I have given all links to you as you said, so it's now up to you
to remove my PC's infections. I hope you will do best.

Thank you for anticipation,

Qasim Ali

Report •

May 27, 2009 at 12:55:06
Mbam Link link doesn't work. Post the filename which AVG detects. Also:

Download and run Kaspersky AVP tool:

Once you download and start the tool select all the objects/places to be scanned and hit Scan. Fix what it detects and at the end of the scan post screenshot/scan-summary log of detected items that is fixed and which it could not fix.

To Private Message me Click Here

Report •

Related Solutions

May 28, 2009 at 03:28:25
Hi, neoark!

The link that you have given to me for Kaspersky AVP tool
has not opened neither in Google Chrome nor in Internet

Second is that When I write "Kaspersky AVP tool" in Google
Search then Google does not search it, but when I write
anything else in Google search then it shows that page in
milli seconds.

If I open Kaspersky Website directly in any browser then it
display nothing.

I think that any term or web page related to Kaspersky AVP
tool is restricted by the virus in my Computer. So Now what I
should have to do for removing this second problem? Tell me
any method which easily download this tool despite restricted
by Virus.

All websites opened in my PC except Kaspersky or AVP
related websites.

I will be grateful to you for this act.


Qasim Ali.

Report •

May 28, 2009 at 06:26:37
Run this scan:

Run a full scan with

# Check the box next to YES, I accept the Terms of Use.
# Click Start
# When asked, allow the activex control to be installed.
# Click Start
# Check below options:

    * Remove found threats
    * Scan unwanted applications.

# Click Scan
# Wait for the scan to finish
# When it finishes it will create a log file here: C:\Program Files\EsetOnlineScanner\log.txt
# Attach this logfile to your next message.

At the end upload that log to rapidshare and post a link.

edited by moderator

Report •

May 28, 2009 at 22:39:14
remove win32 cryptor trojan manually, see manaual removal steps

Report •

May 29, 2009 at 13:13:50
Hi, neoark! and james88!

First of all thanks for your co-operation.

Disappointedly, this virus had disabled all Antiviruses and their tools, so I couldn't send Logs. Even online scanning was also disabled. So after all my efforts go in vain, I format my hard drive and installed Windows again. James88 sent me manually settings after when I had done Windows.

So I again like to thanks to your fabulous efforts and sharing ideas. I'll never forget you people. I'll apply these tools and manully settings in future. Specially, anyone who will read this thread, will get big benefit.

In the end, I request both neoark! and James88 to tell me which Antivirus do you like most and which antivirus I should have to install in my PC for maximum protection?

Warm Regards,

Qasim Ali

Report •

May 29, 2009 at 13:30:48
You gave up pretty fast. Should have just told me you coudn't do RN 5. Anyways kaspersky/bitdefender/eset/norton are good ones.


Report •

May 31, 2009 at 21:22:49
Ok, Qasim,
i am sure you are in Pakistan, and installing windows and having windows CD`s is a no problem there in Pakistan because of no copyright law or action. right? Good Luck

Report •

August 4, 2009 at 18:09:23
Hi, I am a mom of three stating that so you will know I am not great with systems. I also have found my system infected windows virus called Win32/Cyptor, it is basically causing all in windows ( apps) to crash or stop responding one by one and at times crashing system. I downloaded the AVG it ran found some and placed in a vault but just as it does so a duplicate of virus comes back up in same files over and over again for hours gettin worse by the minute for faster in duplication. Please can anyone here help me , anyone know where I may of gotten this? Can we find a way to remove it or lock it up the kids and I really need this comp.
Thank you very much,


Report •

Ask Question