How do you rid of Trojan Horse Cryptic BGL?

Answer 1

1. Run Malwarebytes Anti-Malware

2. Run the anti spyware removal programs spybot

3 Run Superantispyware

4. Run a complete scan with free curing utility Dr.Web CureIt!

Use Mozilla firefox or the google chrome browsre for browsing unsafe websites

Most of the above types of clean-up process are very laborious, but still won't protect you.

Active anti-malware is needed to minimize the damage. (Free scanners only find it after damage is done (no removal w/o upgrade$),.

This particular malware is very tricky, and has many names & extensions. I like THC or "Trojan horse Cryptic.".

The main way it gets in your machine is by removable storage (ie: USB RAM (thumb drive), portable hard drive, etc.) which you have used on an infected machine. THC has installed several automatic execution files (Stupid Windows has tried but failed to fix this flaw.), including autorun.inf, which is an easily read (and later deleted!) text file (rClk>open with >Notepad). The text commands point to a new folder & its program files, with random names, (thence much confusion by "Professionals" of all stripes), When you insert the drive on your machine, Windows stupidly opens the .inf file to run the random .exe to install the THC program which immediately hijacks your machine and digs itself deeply into your system files, damaging them in the process. Most anti-malware will not see the problem. Most will not find the damaged files. Most will just destroy the infected windows system files (not repair them from the install backup). None will tell you their limitations.

Computer Hygiene:If you must use your removable storage on any other machine, ALWAYS (BEFORE you leave a possibly infected machine)

1. Examine the root folder (ie E:\) for the possibly hidden file "autorun.inf"

2. and its parasitic folder.

3. For now, you can delete them before you get off of the infected machine, and it 'should' be safe to use on your own .

The THC root directory file named 'autorun.inf' will look something like this:

[autorun]

USEAUTOPLAY=1

shellexcute=misko/trubajic.exe

Shell\fak\mi\

shell\\Explore\\command=misko/trubajic.exe

shell\Open\command=misko/trubajic.exe

icon=misko/trubajic.exe

open=misko/trubajic.exe

action=Open folder to view files using Windows Explorer

I found and deleted the file G:\autorun.inf and the folder and contents of G:\misko\ on my school computer, and my own AVG-IS did not do the usual faulty vault complaint.

(I know this is not bullet proof, but so far, so good.) I don't expect Microsoft or any of the (evasive staff) security software programs to get any smarter very soon (They are going on >8 months of denial and obliviance), but it would be nice.