Kryptik Trojan infecting Windows through "harmless" google ads

[Zeealex]

just a warning to all you windows users; not even your antivirus will help.

the Kryptic Trojan opens a Back Door allowing hackers to do as they please to the windows OS. the severity varies from computer to computer but from the observations i have made i have collected this info;

the Trojan attacks Basic windows functions stopping you from opening windows media player, windows movie maker, internet explorer, regedit, dxdiag and other windows native executables (i can run Disk Defragmenter and drivers so it isn't so severe as to BSOD the PC but i was forced to Cntrl scroll lock the PC (in other words deliberately crash the machine to prevent hackers getting in)) . it corrupts the firewall DLLs so you are open to all sorts of attacks, i suppose thats what a backdoor is meant to do. i (supposedly) got infected from here (sorry guys this was the only tab open) through "harmless" Google ads, you don't even have to click them to be infected.

your inernet will suddenly close and windows security center will open, telling you to turn the firewall on, but you cant, and the antivirus will pick it up too late.

i have Linux (Ubuntu) installed on another HDD on the G-1 but all gaming ability has vanished and all the documents stored on windows were able to be backed up and transferred to Linux. but i can safely say, i'm not giving Windows the 400th chance, I'm sicking to Linux.

if anyone knows how to solve the Kryptik Trojan, please tell.

[Cobblers]

Whats the best anti virus software suite to be using these days?

@ OP - Sounds nasty indeed. Too much time on their hands imho.

[Zeealex]

Avira or AVG paired with Malwarebytes is the best if you don't want harrassment to get rid of cookies.

norton is just a bunch of annoying bollox

dont use all three, conflicts cause system failures. AVG and Malware Bytes is what i had.

and install Ubuntu on a second Partition of your drive so if something goes wrong in windows you can still use the internet.

Edited April 20, 2011 by Zeealex

[ROCO*AFZ*]

On the free side... Microsoft Security Essentials.

and always have malwarebytes around for any of the malware that doesn't get classed as a virus and is skipped. (all antiviruses do this and malwarebytes is the best for removal)

[Dai-San]

juif anyone knows how to solve the Kryptik Trojan, please tell.

Boot into 'Safe Mode' and run Combofix (don't download from anywhere else, use the link part way down that downloads from BleepingComputer.com).

Once this has run, boot back into Windows and uninstall any AV you have installed and reinstall it as it will probably have corrupted files.

Also run MBAM once back into Windows.

[ROCO*AFZ*]

Combofix is good. usually though only works for so long then you have to go back and get the new version if i remember right.

[Zeealex]

cool, thanks guys, i'll try it out would there be an objection if i said Ubuntu is my safe mode? meaning that when something like this happens i just boot into Ubuntu and get what i need from there, would it have to be downloaded in safe mode with networking? obviously i would load it onto a memory stick and install it from there.

[ROCO*AFZ*]

Remember the file that is infected will still be infected and tranferred to your next windows load + executed 1st time you click on it. Using linux doesn't disinfect an infected file.

[Zeealex]

true, but it comes in handy for when windows does get infected. if i just need to back stuff up.

it wouldn't surprise me if i do a clean install of windows again considering the hard drive was partitioned by Ubuntu so i wont lose it. then get windows loaded again. then get avast on Ubuntu (which apparently picks up windows threats too) disinfect the backup files and transfer them back into windows. i know sounds stupid and ignorant but i think fixing the damage done by said virus shall be harder, it looks like it has ######ed up registry entries and other things too.

but i shall remember this advice if i get one of these again, along with DON'T RESTART THE COMPUTER. that way i'll still be able to open internet explorer. as soon as i reinstall i shall install combo-fix and MBAM on the PC before i do anything else.