BleepingComputer.com: Used ComboFix to repair kryptik trojan variant, now what

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Used ComboFix to repair kryptik trojan variant, now what

#1 User is offline   helpless in OH 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 2
  • Joined: 23-September 09

Posted 23 September 2009 - 12:49 PM

Hi,

I am running Vista Home Premium Edition, Service Pack 1. For Antivirus, I have ESET NOD 32 3.0.672.0. Yesterday, the log file said:

Quote

9/22/2009 7:15:39 PM Real-time file system protection file C:\Windows\system32\cngaudit.dll a variant of Win32/Kryptik.YQ trojan unable to clean NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Users\my name\AppData\Local\Temp\s.exe.


I ran the ComboFix per a suggestion of my cousin and now I have the log file. Most things seem okay but I cannot log into my company's secure database. One of the people in the main office can log in using my login and password so I think there is still something wrong. Can someone please look at the ComboFix log and tell me if there is something wrong? I have attached the log.

Thank you!

Attached File(s)


#2 User is offline   rigel 

  • FD-BC
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 12,749
  • Joined: 21-October 04
  • Gender:Male
  • Location:South Carolina - USA

Posted 23 September 2009 - 01:03 PM

Hello helpless in OH,

ComboFix can only be discussed inside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

The best way to deal with this problem will be to start a new topic in the HJT/Malware forum. Please create a new topic following this guide from step (6). Post a DDS log to the HJT forum and a Team member will be along to help you as soon as possible.

This topic is now closed. If you have any questions, please PM me or another Moderator.
The BC Staff
"In a world where you can be anything, be yourself." ~ unknown
"Fall in love with someone who deserves your heart. Not someone who plays with it. – Will Smith

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users