Kryptic.azr pops in logs

Posted 11/10/2009 6:40 PM
User avatar

petlad Advanced member

Date Joined Nov 2016
Total Posts: 31
Dear Touch, Jintan ,

I formatted my PC however Eset Nod 32 that i received free from my computer shop deletes one perticular file stating its a virus . I scanned with malware bytes and log is as under I did not quarantined these two of the files as upon deletion internet explorer does not get connected. My connection shows that connection is established but I cannnot get any website.

This files are as under I restored it to be able to surf and write you this. Please advise action.


11/10/2009 8:18:35 PM Real-time file system protection file C:\System Volume Information\_restore{A5C432EB-5E6D-4B68-80E4-22579A825D84}\RP58\A0014013.dll a variant of Win32/Kryptik.AZR trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
11/10/2009 7:50:22 AM Startup scanner file C:\WINDOWS\system32\ro.dll a variant of Win32/Kryptik.AZR trojan cleaned by deleting (after the next restart) - quarantined ADMIN-ECBDB9734\Administrator

Malware Bytes log =====================

Malwarebytes' Anti-Malware 1.41
Database version: 3140
Windows 5.1.2600 Service Pack 3

11/10/2009 10:22:57 PM
mbam-log-2009-11-10 (22-22-57).txt

Scan type: Quick Scan
Objects scanned: 115841
Time elapsed: 13 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{1dbd6574-d6d0-4782-94c3-69619e719765} (Spyware.OnlineGames) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\Temp\NOD60.tmp (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\Help\F3C74E3FA248.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\2.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Help\F3C74E3FA248.exe (Trojan.Agent) -> Quarantined and deleted successfully.
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Tuesday, January 17, 2017, 5:56 AM (GMT +1)
There are a total of 61,158 posts in 13,448 threads.
In the last 3 days there were 0 new threads and 1 reply posts.

Who's online

This forum has 37,983 registered members. Please welcome our newest member, Alvarezz.
There are currently no users on-line.