Kryptic.azr pops in logs

Posted 11/10/2009 6:40 PM
#79431
User avatar

petlad Advanced member

Date Joined Nov 2016
Total Posts: 31
Dear Touch, Jintan ,


I formatted my PC however Eset Nod 32 that i received free from my computer shop deletes one perticular file stating its a virus . I scanned with malware bytes and log is as under I did not quarantined these two of the files as upon deletion internet explorer does not get connected. My connection shows that connection is established but I cannnot get any website.

This files are as under I restored it to be able to surf and write you this. Please advise action.

==============



11/10/2009 8:18:35 PM Real-time file system protection file C:\System Volume Information\_restore{A5C432EB-5E6D-4B68-80E4-22579A825D84}\RP58\A0014013.dll a variant of Win32/Kryptik.AZR trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
11/10/2009 7:50:22 AM Startup scanner file C:\WINDOWS\system32\ro.dll a variant of Win32/Kryptik.AZR trojan cleaned by deleting (after the next restart) - quarantined ADMIN-ECBDB9734\Administrator



Malware Bytes log =====================



Malwarebytes' Anti-Malware 1.41
Database version: 3140
Windows 5.1.2600 Service Pack 3

11/10/2009 10:22:57 PM
mbam-log-2009-11-10 (22-22-57).txt

Scan type: Quick Scan
Objects scanned: 115841
Time elapsed: 13 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{1dbd6574-d6d0-4782-94c3-69619e719765} (Spyware.OnlineGames) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\Temp\NOD60.tmp (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\Help\F3C74E3FA248.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\2.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Help\F3C74E3FA248.exe (Trojan.Agent) -> Quarantined and deleted successfully.
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, April 29, 2017, 1:21 PM (GMT +2)
There are a total of 61,198 posts in 13,463 threads.
In the last 3 days there were 0 new threads and 5 reply posts.

Who's online

This forum has 38,021 registered members. Please welcome our newest member, kevint89.
There are currently no users on-line.
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.