TR.Crypt.FKM.Gen infection

Hi, we are looking your logs over and will get back to you as soon as we possibly can. Thanks for your patience.
Kes13!

 

Hi your logs are clean

Just this to do:

1) Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Then..

If you are not having any other malware problems, it is time to do our final steps:

1. We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\combofix folder from combofix (if it exists)
3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
4. Go to add/remove programs and uninstall HijackThis.
5. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
6. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
7. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

Based on your logs it would not seem that this is related to ComboFix or any of the other scans. None of them found or removed anything. We can see this from the logs for each scan. That is unless Spybot found and removed something. Attach the last log from Spybot which you should be able to find in the below folder.

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs


Also please attach the below files:
C:\Qoobox\ComboFix2.txt
C:\Qoobox\ComboFix-quarantined-files.txt


The only possible work around that I can think of for this issue with Windows Installer and Wordperfect is to use System Restore to go back to a point in time before you ran ComboFix on 10-27-2008.

Didn't Dell give you a CD with your PC that contains this program and all other installed on the PC? If not, I guess they just foolishly expect that anytime someone has a problem that they will have to restore the PC to the way it was shipped which is not what anyone would want to do. By the way do you use Wordperfect?

As stated above, nothing was found based on the logs so I'm not sure what this message is really about.

 

Actually you did not get it attached.

You may be able to work this out in the Software Forum. It may be possible that something will show up in an Event Log on this. You could also check to see if the below application can help:

Windows Installer CleanUp Utility