Results 1 to 4 of 4

Thread: windows 7 locked down by tr/crypt.xpack.gen

  1. #1
    Junior Member
    Join Date
    Jan 2012
    Posts
    2

    Default windows 7 locked down by tr/crypt.xpack.gen

    running windows 7 home premium sp1

    recieved warning from avira of infection.
    dont remember the name of the virus named on dialoge box.
    clicked "Remove" on dialoge box, but didnt run scan imediately(Stupid move).
    after a few minutes my pc froze and restarted.
    now unable to start:

    internet explorer
    firefox
    avira
    ad aware
    windows media player
    vlc media player

    and probably many more.

    also unable to install software.
    when i try it says " the windows installer service could not be accessed".

    what i have done to date:

    attempted to boot in safe mode resulting in blue screen(dont remember message on blue screen).

    in boot menu(f8) i selected "load last known good configuration". this failed.

    succeeded in booting in safe mode after this, still unable to install or run antivirus. all symtoms remain.

    was able to run windows defender(didnt try before) still in safe mode.
    the quick scan and full scan reported no infections. symtoms remain.

    performed system restore to a point before the infection(i now realize this was probably another bad move) symtoms remain.

    looked through event logs and found the the logs from the avira warning dialoge naming TR/Cript.XPACK.gen.

    google searched on another machine and found instructions for manual removal. they said to search in start menu for bincd32.dat and delete it.
    this file did not appear in the results. they said to find and delete a few regestry keys, none of which are present.

    dds will not run.

    task manager processes are:

    winlogon.exe---------SYSTEM
    taskmgr.exe----------ME
    taskhost.exe---------ME
    RavCpl64.exe--------ME
    Nvxdsync.exe--------SYSTEM
    Nvtray.exe-----------ME
    Ipoint.exe------------ME
    igfixtray.exe---------ME
    igfixpers.exe--------ME
    hkcmd.exe-----------ME
    explorer.exe---------ME
    dwm.exe-------------ME
    csrss.exe------------SYSTEM

    also these are blinking ocasionaly for a second and disapearing:

    svchost.exe*32
    werfault.exe*32

    I now realize many of my decisions where probably not the best. i appologize if ive made this harder for us.

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    hi froglegg1,

    Your post is a few days old. If you still need help simply reply back.
    How Can I Reduce My Risk?

  3. #3
    Junior Member
    Join Date
    Jan 2012
    Posts
    2

    Default

    Thank you for your reply.

    Unfortunately, I needed my computer badly
    and chose to format and reinstall last night.

    A day late and a dollar short as they say.

    I did manage to connect a usb hdd and back up my files, so
    I suffered no data loss.

    Again, thank you for your reply and the service you provide.

  4. #4
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    hi froglegg1

    Sometimes a reformat can be the quickest and safest thing to do. Dont forget to update Windows, install a AV and a antimalware or two. Thanks for letting me know. Happy safe surfing out "there."
    How Can I Reduce My Risk?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •