Windows 10: Trojans reappearing after restoring "clean" disk image TR/Crypt.XPACK.Gen,...

Discus and support Trojans reappearing after restoring "clean" disk image TR/Crypt.XPACK.Gen,... in AntiVirus, Firewalls and System Security to solve the problem; The following trojans were detected when scanning the boot SSD on my Windows 10 machine: TR/Crypt.XPACK.Gen, TR/Crypt.XPACK.Gen3, TR/Crypt.ZPACK.Gen,... Discussion in 'AntiVirus, Firewalls and System Security' started by itm2, Aug 1, 2020.

  1. ITM2
    itm2 Win User

    Trojans reappearing after restoring "clean" disk image TR/Crypt.XPACK.Gen,...


    The following trojans were detected when scanning the boot SSD on my Windows 10 machine:

    TR/Crypt.XPACK.Gen, TR/Crypt.XPACK.Gen3, TR/Crypt.ZPACK.Gen, TR/Crypt.XPACK.Gen2, TR/ATRAPS.Gen2

    There were 18 occurrences in all see log below.


    They were detected by an Avira boot CD, but were not flagged by either Panda AV or Malwarebytes in Windows.


    When the machine first arrived I took an image of all of the partitions on the "clean" SSD using Macrium Reflect. The image was written to an external USB HDD, which is only connected temporarily for the purpose of backups. When I restored this image to the SSD and re-scanned using the Avira CD the trojans were detected again.


    It could be that the Macrium image has been infected with the trojan when the external drive was temporarily connected to make a backup. Could it also be possible that one or more of these viruses is a firmware rootkit, and not removable by simply restoring a "clean" image of the SSD?


    Any advice for how I can get rid of these trojans?

    Detection:/target/C:/program files x86/common files/microsoft shared/ink/pipanel.exe
    Virus name:TR/Crypt.XPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/syswow64/cmstp.exe
    Virus name:TR/Crypt.XPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/syswow64/colorcpl.exe
    Virus name:TR/Crypt.XPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/syswow64/ime/imejp/imjpuex.exe
    Virus name:TR/Crypt.XPACK.Gen3file renamed
    Virus Type:trojan
    Detection:/target/C:/windows/syswow64/ime/imetc/imtclnwz.exe
    Virus name:TR/Crypt.XPACK.Gen3file renamed
    Virus Type:trojan
    Detection:/target/C:/windows/syswow64/ime/shared/imccphr.exe
    Virus name:TR/Crypt.XPACK.Gen3file renamed
    Virus Type:trojan
    Detection:/target/C:/windows/syswow64/rasphone.exe
    Virus name:TR/Crypt.ZPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/syswow64/wscadminui.exe
    Virus name:TR/Crypt.XPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/amd64_microsoft-windows-e..-firsttimeinstaller_31bf3856ad364e35_10.0.18362.833_none_a91ce678f8bbddfc/microsoftedgestandaloneinstaller.exe
    Virus name:TR/Crypt.XPACK.Gen2file renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/amd64_multipoint-wmssvc_31bf3856ad364e35_10.0.18362.1_none_932164290f30bed0/wmssvc.exe
    Virus name:TR/ATRAPS.Gen2file renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/wow64_microsoft-windows-d..-japanese-utilities_31bf3856ad364e35_10.0.18362.1_none_c9e3593323b3da97/imjpuex.exe
    Virus name:TR/Crypt.XPACK.Gen3file renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/wow64_microsoft-windows-i..tional-chinese-core_31bf3856ad364e35_10.0.18362.1_none_363617dab2913de6/imtclnwz.exe
    Virus name:TR/Crypt.XPACK.Gen3file renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/wow64_microsoft-windows-icm-ui_31bf3856ad364e35_10.0.18362.1_none_170ad1b852689779/colorcpl.exe
    Virus name:TR/Crypt.XPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/wow64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_10.0.18362.1_none_b2cc1f362bcb79d0/imccphr.exe
    Virus name:TR/Crypt.XPACK.Gen3file renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/wow64_microsoft-windows-rasclienttools_31bf3856ad364e35_10.0.18362.1_none_4bf8ea165a4a737b/rasphone.exe
    Virus name:TR/Crypt.ZPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/wow64_microsoft-windows-rasconnectionmanager_31bf3856ad364e35_10.0.18362.1_none_3bd259bf121ebdca/cmstp.exe
    Virus name:TR/Crypt.XPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/wow64_microsoft-windows-securitycenter-core_31bf3856ad364e35_10.0.18362.449_none_7a710c20780fc5c4/wscadminui.exe
    Virus name:TR/Crypt.XPACK.Genfile renamed
    Virus Type:trojan
    Detection:/target/C:/windows/winsxs/wow64_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_10.0.18362.1_none_1ea3e6193b2e7a0c/pipanel.exe
    Virus name:TR/Crypt.XPACK.Genalert ignored
    Virus Type:trojan

    :)
     
    itm2, Aug 1, 2020
    #1
  2. TSHORTS
    TShorts Win User

    Trojan Virus TR/Crypt.XPACK.Gen.3

    How can I remove trojan virus TR/Crypt.XPACK.Gen.3 and all its elements from my Windows 10?
     
    TShorts, Aug 1, 2020
    #2
  3. ZEROCOOL0099
    zerocool0099 Win User
    TR/Crypt.XPACK.Gen

    I have been advised that TR/Crypt.XPACK.Gen is a part of Microsoft Windows. I have further seen advice that it is a Trojan. My computer has had a number of this item (also TR/Crypt.XPACK.Gen2 and TR/Crypt.XPACK.Gen3) in various Windows files (eg
    disk2/Windows//WinSxS/wow64_microsoft-windows-securitycenter-core_31bf3856ad364e35_10.0.17134.1_none_0a15945c4fa3fe226/wscadminui.exe) and have had conflicting reports as to what they are. What is the truth?
     
    zerocool0099, Aug 1, 2020
    #3
  4. JOSé ANTONIO PONTóN POSADA CEO
    José Antonio Pontón Posada CEO Win User

    Trojans reappearing after restoring "clean" disk image TR/Crypt.XPACK.Gen,...

    Trojan Virus TR/Crypt.XPACK.Gen.3

    Reformat the system disk and rebuild it from scratch (reinstall Windows and your applications).

    `~`
     
    José Antonio Pontón Posada CEO, Aug 1, 2020
    #4
Thema:

Trojans reappearing after restoring "clean" disk image TR/Crypt.XPACK.Gen,...

Loading...

  1. Trojans reappearing after restoring "clean" disk image TR/Crypt.XPACK.Gen,... - Similar Threads - Trojans reappearing restoring

  2. "TR/Crypt.CFI.Gen"

    in Windows 10 Gaming
    "TR/Crypt.CFI.Gen": I downloaded Restoro for free and I did a scan, it told me that i have a virus by the name of "TR/Crypt.CFI.Gen" the directory shown is the one of Windows Live Messenger, so basically MSN from around 2010 which i have downloaded through escargot.chat a website of a group of...

  3. "TR/Crypt.CFI.Gen"

    in Windows 10 Software and Apps
    "TR/Crypt.CFI.Gen": I downloaded Restoro for free and I did a scan, it told me that i have a virus by the name of "TR/Crypt.CFI.Gen" the directory shown is the one of Windows Live Messenger, so basically MSN from around 2010 which i have downloaded through escargot.chat a website of a group of...

  4. Can't restore Windows from disk image

    in Windows 10 Installation and Upgrade
    Can't restore Windows from disk image: I can't boot Windows. Created installation media on USB. Automatic repair doesn't work. I have a disk image on an external hard drive and 2 backups. [ATTACH] [ATTACH] Screenshots taken on different device. Windows can't find the image. When trying to point to the...

  5. .crypt files

    in Windows 10 Network and Sharing
    .crypt files: How can I open a .crypt file and can it be opened, or saved as a .csv file https://answers.microsoft.com/en-us/windows/forum/all/crypt-files/16117e76-9601-4409-ade0-e3b95dd06ca8

  6. Create / restore disk image in windows7

    in Windows 10 Customization
    Create / restore disk image in windows7: I have an issue when i was trying to restore a previous disk image mage by windows 10 os. As i have a dual booted partition on my 240gb ssd drive with the other one being Windows 7 os. I was expecting the other one being restored as well. Instead i got a blank partition where...

  7. Clean W10 Install, Can't Restore System Image

    in Windows 10 Backup and Restore
    Clean W10 Install, Can't Restore System Image: I created an image of my tower a week or two ago. I decided to restore to said image, but cancelled it. I went to boot it up later, and I received an error that there was no OS. I reasoned that it would be fine to reinstall and then restore. I got W10 through the free upgrade...

  8. Ηow to restore the capacity of a hard disk after image recovery

    in Windows 10 Backup and Restore
    Ηow to restore the capacity of a hard disk after image recovery: Let me explain my problem. I have 3 HDD's (2 internals (1 SSD 120 GB and 1 HDD-Sata 200 GB) and 1 external USB HDD (2 TB)). I have installed Windows 10 Pro x64 final οn the SSD 120 GB without problems and i have installed the extra programs that i use, also without problems....

  9. Restore a windows 10 disk image

    in Windows 10 Backup and Restore
    Restore a windows 10 disk image: Hello, I made a windows 10 disk image with the built in tool as i had to send my surface pro back to CS. Now that it it bask I want to restore it. The problem is when I want to do recover it it finds correclty my backup on my external hard drive but after selecting it it...

  10. Restore with disk image

    in Windows 10 Installation and Upgrade
    Restore with disk image: How do I reinstall Windows 10 from a USB Disk Image 17737