Trojan Gen-Kryptik - please check my logs

Discussion in 'Malware Help (A Specialist Will Reply)' started by MayBee, Apr 30, 2010.

  1. MayBee

    MayBee Private E-2

    Hello,

    I have just finished running the Malware Removal steps and would be grateful if someone could take a look at my logs. SAS found two problems in the first 7 minutes and quarantined them. MBAM reported a clean scan and the rest I have no idea. After scanning for an hour, RootRepeal stopped on an Error and 15 mins later the error window was still blank, so I cancelled and restarted. Same thing, unfortunately, so there is no log for RootRepeal.

    My initial problem was with Realtek Audio Manager and I posted a thread under Software (I won't repeat the details here). Basically on accessing the Audio Devices tab, Recording, the system crashed. I just bought a Behringer C-1U Studio Condenser Microphone with USB connection and, although at first it worked fine, it's the only clue I have to the audio problems. The volume was too low and in adjusting it, my problems started. This crash I was able to reproduce at will whether or not the new mike was plugged in.

    This morning I rolled back my system to a week ago and found that Audio Manager worked, at least when I tried to reproduce the crash, it DIDN'T happen! At about the same time I discovered that someone has been charging stuff to my credit card. That prompted me to run the Malware Removal Guide steps and now I would like to know if my system is clean. I'll attach the first two logs.
     

    Attached Files:

  2. MayBee

    MayBee Private E-2

    And here are two more. Many thanks in advance!
     

    Attached Files:

  3. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hello, MayBee.

    The very first thing you should do is notify your credit card company and then cancel that credit card number.

    I am currently reviewing your logs and will get back to you with a set of instructions as soon as possible. Our queue is working the oldest threads first.

    Thanks for your patience.
    dr.m
     
  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hello, MayBee

    The scanners took care of the malware - your logs are clean; however, there are a few things I would like to mention:

    1. You should increase your installed RAM to 2GB for running Vista without experiencing system lags.

    Installed Physical Memory (RAM) --- 1.00 GB
    Total Physical Memory ----------------- 0.99 GB
    Available Physical Memory ------------- 418 MB

    2. Consider updating your outdated Mozilla Firefox (3.0.5) to the more secure Mozilla Firefox 3 3.6.3 Final

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: The space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. Go to the C:\MGtools folder and find the MGclean.bat file. Double-click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work through the below link:


    Safe surfing!
     
  5. MayBee

    MayBee Private E-2

    Hello Dr. Moriarty and thanks for the great news! :cool Yes, I have been busy cancelling cards and changing passwords, as you can imagine. I take great care with my private info, but obviously not enough. I have downloaded Spyware Blaster and Everest but have not installed them, pending your instructions.

    I think FireFox was not up-to-date because of the roll-back. I will check all my apps to make sure they are updated. As for the memory, I agree that my system could use more! :(

    I think I need to install new drivers for Realtek as my new microphone was causing problems. Do you have any suggestions? I'm a bit foggy when it comes to drivers.

    Many many thanks again for your time and invaluable assistance. You guys are incredible! Cheers. :wave
     
  6. MayBee

    MayBee Private E-2

    With regard to FireFox, I see the version in my Programs list, but I just checked the browser version and it says 3.6.3. Do I still need to uninstall and reinstall FireFox?
     
  7. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    :)

    You're very welcome, MayBee!

    Our Drivers Forum would be the correct forum to get help with the Realtek issue.

    In addition to the How to Protect yourself from malware! thread, the folks in the Software Forum can offer more suggestions for better securing your browsers with plugins like the ones shown here.

    EDIT: In reply to your last question, I think you're good to go.

    See you around the forums!
    dr.m
     
    Last edited: May 4, 2010
  8. MayBee

    MayBee Private E-2

    Very good recommendations, dr. m. I have been using WOT, NoScript and AdBlockPlus for a while but the others look very interesting, too. Thanks again for all your help! :)
     
