I Have A Problem With "JS:Trojan.Cryxos.4572" Malware. Any Help?
Hi,
I have a problem with a piece of malware that both exists and doesn't exist.
An old friend was tricked and gave the scammers remote access to her computer; fortunately, she didn't hand over any money. It appears from log files that they got into her computer in the first instance through some old remote support software because they messaged her initially in Windows. (I'm a bit hazy on this because she is quite elderly and can't quite recall what happened, in what order.)
I ran a scan with Bitdefender, which didn't find anything. Then I installed Malwarebytes, which triggered the response below from Bitdefender:
C:\Users\user_name\Downloads\This computer is BLOCKED.html has been detected as infected with JS:Trojan.Cryxos.4572. Bitdefender deleted this item, your device is safe.
The thing is, every time I run a Malwarebytes scan on the download folder, it triggers the same response in Bitdefender. Running a scan on the download folder with Bitdefender gives no results. Needless to say, a file named BLOCKED.html isn't anywhere on her computer, according to Everything.
Then I downloaded Housecall and Kaspersky, which found nothing, but the ESET scanner triggers that response from Bitdefender yet again, every time.
I uninstalled every piece of bloatware and all the remote support software, and looked through Program Files, Program Files (x86) and AppData, and got rid of a few other old things, but the Trojan still pops up every time in the scans. Her computer is an elderly Dell with up-to-date Windows 10 and current Bitdefender and Malwarebytes.
Any advice would be much appreciated.
Peter
Answers
Hello.
Do the following:
1) Start your PC in Safe Mode, by following these steps:
2) Open the Run command:
https://www.makeuseof.com/windows-open-run-command-dialog-box/
and run the commands below one by one:
temp - delete all the folders/files in the folder
%temp% - delete all the folders/files in the folder
prefetch - delete all the folders/files in the folder
3) Restart your PC in General Mode, by following these steps:
https://www.techwalla.com/articles/how-to-restart-a-computer-in-normal-mode
4) Reset/Refresh your browsers:
Google Chrome - https://support.google.com/chrome/answer/3296214?hl=en
Mozilla Firefox - https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings
Microsoft Edge - https://malwaretips.com/blogs/reset-microsoft-edge/
Opera - https://browsersolution.com/reset-opera-browser
Vivaldi - https://help.vivaldi.com/desktop/install-update/full-reset-of-vivaldi/
Brave - https://support.brave.com/hc/en-us/articles/360017903152-How-do-I-reset-Brave-settings-to-default-
5) Run a System Scan with your Bitdefender program.
6) Restart your PC
7) If the steps provided above didn't help, do the following steps:
Take screenshot(s) of the issue,
create a log file on your Windows device using Bitdefender Support Tool, by following these steps:
https://www.bitdefender.com/consumer/support/answer/1733/
and
create a log file on your Windows device using BDsysLog, by following these steps:
https://www.bitdefender.com/consumer/support/answer/1922/
Next, contact Bitdefender Consumer Support by e-mail:
https://www.bitdefender.com/consumer/support/help/
with a short description of the issue.
After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.
Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.
Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.
Remember that the screenshot(s) and the log files will help the support engineers a lot in investigating your issue better and faster and in finding a solution.
Regards.