Jump to content

scandisk.ink | win32/cryptor virus

Recommended Posts


Someone brought in her machine today which was completely infected and asked me to take a look at it.

I have no idea what exactly happened to it, but here's the description of the infection:

So, I boot the pc and I instantly get rundll errors saying dlls dont exist (because avg removed them).

one of the dlls in question is eyloadq32.dll which gets associated with a win32/cryptor virus by avg.

I checked the startup with CCleaner and I found the entry "scandisk.Ink" running rundll32.exe, did some research and I guess this is the main infection.

after running another AVG scan I get some trojans all somewhere in C:\users\Fien

I ran a hijack this scan and added the log to the attachment: hijackthis.log

Thanks in advance!

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply (don't attach them).

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.