Used ComboFix to repair kryptik trojan variant, now what


  • This topic is locked
1 reply to this topic

#1 helpless in OH


Posted 23 September 2009 - 12:49 PM

Hi,

I am running Vista Home Premium Edition, Service Pack 1. For Antivirus, I have ESET NOD 32 3.0.672.0. Yesterday, the log file said:

9/22/2009 7:15:39 PM Real-time file system protection file C:\Windows\system32\cngaudit.dll a variant of Win32/Kryptik.YQ trojan unable to clean NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Users\my name\AppData\Local\Temp\s.exe.


I ran the ComboFix per a suggestion of my cousin and now I have the log file. Most things seem okay but I cannot log into my company's secure database. One of the people in the main office can log in using my login and password so I think there is still something wrong. Can someone please look at the ComboFix log and tell me if there is something wrong? I have attached the log.

Thank you!



#2 rigel


Posted 23 September 2009 - 01:03 PM

Hello helpless in OH,

ComboFix can only be discussed inside the HijackThis forums and then only when requested by an HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read ComboFix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

The best way to deal with this problem will be to start a new topic in the HJT/Malware forum. Please create a new topic following this guide from step (6). Post a DDS log to the HJT forum and a Team member will be along to help you as soon as possible.

This topic is now closed. If you have any questions, please PM me or another Moderator.
The BC Staff

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it." ~ Will Smith




