Kryptik.JX trojan question


nrbocke
March 9th, 2009, 01:39 AM
Sorry if I posted this in the wrong place. I was just checking my email quick before I left for work and my NOD32 popped up a virus warning (first time). I wanted to get something posted before I left the house.

NOD32 2.7 has detected and offers to delete:
c:\windows\system32\dllhost.exe - a variant of Win32/Kryptik.JX trojan
c:\windows\system32\msdtc.exe - a variant of Win32/Kryptik.JX trojan

I tried researching this on the internet and couldn't find any good info. Everything on my computer seems to be working fine. I am concerned I would be deleting legitimate Windows files.

From what I read quickly about msdtc.exe, it is a Microsoft app to tie together different types of data flow. I am wondering if this popped up because I was using Windows Media extender to connect to my XBOX 360 to view pictures earlier today.

I cannot find any info on the Kryptik.JX trojan.

Any advice or direction would be great. Again, sorry if I posted this in the wrong place.

Thanks,
Nick

nrbocke
March 9th, 2009, 01:42 AM
Just noticed the last 2 posts before mine are having the same issue. Maybe a software issue?

BeanCounter
March 9th, 2009, 01:42 AM
It appears to be a false positive. See

http://www.wilderssecurity.com/showthread.php?t=235509

tsmith35
March 9th, 2009, 01:43 AM
I've had the same thing happening. NOD32 has started wiping out Windows system files, including Disk Manager and others. I've disabled NOD32 for now, but this isn't the first time NOD32 has caused chaos after an update.

Funny, I'm only 3 days from needing to get a new NOD32 license... I don't know if I want to stay with NOD32 anymore.

mister squishy
March 9th, 2009, 01:44 AM
I started getting this too!

I've actually got my computer unplugged from the Internet and was preparing to reinstall Windows and change all my passwords etc.--glad I checked here first!

paulw1
March 9th, 2009, 01:48 AM
I just restored those so-called affected files from Quarantine, so here's hoping that the PC boots OK tomorrow.

Pokinpo
March 9th, 2009, 01:55 AM
Holy!
Got this suddenly on several workstations, server, laptop... all behind redundant firewall hardware and figured that something did not seem right. So, my online query led me to this thread. I am hoping this is a false positive and will hold off on deleting these files. I hope Eset jumps on this quick - I know they will hate this to last into the Monday workday.

Marcos
March 9th, 2009, 02:47 AM
http://www.wilderssecurity.com/showpost.php?p=1419988&postcount=6

woodworker3
March 9th, 2009, 05:55 AM
I know that the false positive is fixed, but my question is just a little different.

What exactly is the Kryptik.JX trojan itself? Kryptik as in encryption? So Kryptik is a trojan that encrypts files maybe or is itself encrypted? JX is the version of the variant, of course.

Just wondering what the real one actually does.