Malware

Question

Gravatar
0 Votes
Locked

Cryp_Xed-15

By clark.c ·
There are multiple machines in my office environment claimed to be infected by "Cryp_Xed-15". The symptom is that the user will be "kicked out" to the logon screen without any error message, and they will never be able to logon even with admin id.
We have put in the latest virus definition from TrendMicro but it seems no solution to it.
No alternative but to reformat the machine as it is not bootable anymore even from Safe mode.
Please advice.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

gravatar
Collapse -

This is Trend Micros clean up procedure

by OH Smeg Moderator In reply to Cryp_Xed-15

http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=CRYP%5FXED%2D12&VSect=Sn

But if the initial files have been executed you may very well need to Wipe the HDD's then format and install. It's important that you wipe the Drives first as a Format is no Guarantee of killing this beastie. When you use the Format option it only writes to every third sector but if you use the Quick Format option this is a much lower number so the infection can survive through a reinstall and come back and reinfect the systems again.

You can use Boot & Nuke to Wipe the Drives with.

http://www.dban.org/download

PS this isn't fast but it needs to be performed if you want to be sure that you have killed this one.

Col

gravatar
Collapse -

Thanks

by clark.c In reply to This is Trend Micros clea ...

Thanks Col.
Formatting each of them is not an option..we have multiple machines infected everyday and formating a machine may take hours.Is XED-12 exactly the same with XED-15?
Do we have a quick win to recover this? or at least protect the machines from infected?

Back to Malware Forum

Start or search

Related Discussions

Related Forums