I've seen a topic on here about it (http://www.bleepingcomputer.com/forums/t/493322/dirtydecryptexe/) but I don't know where to start and I urgently need direct help.
I was trying to watch a video, and then it told me I needed to download a version of Java Flash or something, and I thought it was an message to "allow" or "deny" using it, and it downloaded to my downloads. I didn't open it then, but after a bit I opened it after scanning it with Malwarebytes Anti-Malware and IObit Malware Fighter and it said it was clean. I didn't go along with installing it, but just opened it (I think). Then a white process type thing popped up and with the words "Dirty Decrypt" or something like that and then disappeared and my whole laptop screen went white. I restarted the laptop, and I clicked on opening things as soon as the computer started like I usually do, and then the thing flashed again and the screen went white. This time I went to "Safe Mode" (not with the network) and I seen one of the pictures (I don't have many) with the "Dirty Decrypt" stuff all over it, I didn't read it, but just deleted it.
The program that I downloaded, I'm not sure if it was legit or not, is in the C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup directory along with the "Dropbox", and I deleted it, dragged it to the trash bin, and even used the "shred file" that comes with the Advanced System Care6, and it reappears not even a few seconds afterwards in the same place.
The application name is "YrHXGxkN". In the property details it says "Copyright © 2013", Application T, T.EXE, Product version 1,0,0,1, 267 KB, French (France) and the last modified time. So that makes me think it was a legit Java download, I'm just not sure.
Maybe this Dirty Decrypt was caused from all of the music I've downloaded from Piratebay, but it just became apparent after downloading this "application", so I think it is this.
Anyway, while I was in the "Safe Mode", I ran a full system scan with Advanced System Care6 (it also defragged the system), Malwarebytes Anti-Malware, IObit Malware Fighter, and CCleaner which cleaned the registry also.
I then saw a "Read Before" notepad thing with "Dirty Decrypt" in it (I searched it and that showed), so I deleted it. This was before I knew what was going on, but the name looked suspicious.
I also deleted files in the programs like Conduit and safee and other random files that downloaded with other things that I haven't gotten to (I searched these things on Google to make sure I could delete them).
The scans showed that it fixed and deleted files.
Now when I search "Dirty Decrypt" I don't find anything.
But I just found out about the "regedit" thing, and I tried opening it to see if there were any programs with "Dirty Decrypt" and it opened and instantly closed. I tried it multiple times. Also I tried to open the Task Manager, which always worked for me before, and it closed instantly. Internet Explorer stopped working for me after awhile (it instantly closed), even after redownloading it, so that's not new. Also my Tor Browser stopped working a few weeks ago (screen is black). We just got the internet back two days ago, I really hope I could fix this "Dirty Decrypt" thing. I downloaded the http://housecall.antivirus.com/ thing and the program was just white after download until I closed it.
I run Windows 7 on 64x.
Skype just logged me in as if I was a new member (tutorial). I guess that's because I tried logging in when I didn't have internet connection on "Safe Mode". Also it told me to update it, which I did and the screen is just white (with "skype", "home", and "help" at the top).
I also looked at these:
I can't figure out what to do exactly, if anybody could help me get rid of this "Dirty Decrypt" thing, I would be thankful.
Edited by AnarchistRebel, 25 July 2013 - 10:43 AM.