Kryptic.azr pops in logs - Free Antivirus Forum

Free Antivirus Forum - Learn about antivirus, firewalls and personal security

Kryptic.azr pops in logs

BullGuard Antivirus Forum > Virus Removal > Removal Help > Kryptic.azr pops in logs

Forum Quick Jump

[ << Previous Thread | Next Thread >> ]

petlad
New Member

Date Joined Dec 2008
Total Posts : 27

Posted 11/10/2009 9:40 PM (GMT +3)

Dear Touch, Jintan ,

I formatted my PC however Eset Nod 32 that i received free from my computer shop deletes one perticular file stating its a virus . I scanned with malware bytes and log is as under I did not quarantined these two of the files as upon deletion internet explorer does not get connected. My connection shows that connection is established but I cannnot get any website.

This files are as under I restored it to be able to surf and write you this. Please advise action.

==============

11/10/2009 8:18:35 PM Real-time file system protection file C:\System Volume Information\_restore{A5C432EB-5E6D-4B68-80E4-22579A825D84}\RP58\A0014013.dll a variant of Win32/Kryptik.AZR trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
11/10/2009 7:50:22 AM Startup scanner file C:\WINDOWS\system32\ro.dll a variant of Win32/Kryptik.AZR trojan cleaned by deleting (after the next restart) - quarantined ADMIN-ECBDB9734\Administrator

Malware Bytes log =====================

Malwarebytes' Anti-Malware 1.41
Database version: 3140
Windows 5.1.2600 Service Pack 3

11/10/2009 10:22:57 PM
mbam-log-2009-11-10 (22-22-57).txt

Scan type: Quick Scan
Objects scanned: 115841
Time elapsed: 13 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{1dbd6574-d6d0-4782-94c3-69619e719765} (Spyware.OnlineGames) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\Temp\NOD60.tmp (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\Help\F3C74E3FA248.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\2.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Help\F3C74E3FA248.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Forum Information

Currently it is Wednesday, May 22, 2013 8:39 PM (GMT +3)
There are a total of 59,522 posts in 13,140 threads.
In the last 3 days there were 2 new threads and 5 reply posts. View Active Threads

Who's Online

This forum has 34616 registered members. Please welcome our newest member, Tyra Simpson.
27 Guest(s), 0 Registered Member(s) are currently online. Details

5 Latest Threads

Empty tmp folders (41)	5/22/2013 2:49:43 PM (Eddy Vl)
Cannot clean/ delete the internet cache/ temp folder from Chrome (0)	5/22/2013 12:19:30 PM (stanleywan)
BullGuard Firewall and Windows Firewall (4)	5/21/2013 5:24:46 AM (aadi95)
The NovaShield behavior analysis techniques (2)	5/21/2013 12:28:32 AM (Robert Mateescu)
Bullguard online drive back up URL for Syncovery? (2)	5/20/2013 10:11:29 AM (LogoLogics)

Need Support? Write to:

| Forum Help Manual

Download free trial version of Bullguard Internet Security