Kryptik.JX trojan question

Discussion in 'ESET NOD32 Antivirus' started by nrbocke, Mar 9, 2009.

Thread Status:
Not open for further replies.
  1. nrbocke

    nrbocke Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    2
    Sorry if I posted this in the wrong place. I was just checking my email quick before I left for work and my NOD32 popped up a virus warning (first time). I wanted to get something posted before I left the house.

    NOD32 2.7 has detected and offers to delete:
    c:\windows\system32\dllhost.exe - a variant of Win32/Kryptik.JX trojan
    c:\windows\system32\msdtc.exe - a variant of Win32/Kryptik.JX trojan

    I tried researching this on the internet and couldn't find any good info. Everything on my computer seems to be working fine. I am concerned I would be deleting legitimate Widows files.

    From what I read quick about msdtc.exe is it is a Microsoft app to tie together different types of data flow. I am wondering if this popped up because I was using Windows Media extender to connect to my XBOX 360 to view pictures earlier today.

    I can not find any info on the Kryptik.JX trojan.

    Any advice or direction would be great. Again, sorry if I posted this in the wrong place.

    Thanks,
    Nick
     
  2. nrbocke

    nrbocke Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    2
    Just noticed the last 2 post before mine are having the same issue. Maybe a software issue?
     
  3. BeanCounter

    BeanCounter Registered Member

    Joined:
    Apr 8, 2006
    Posts:
    66
    Location:
    Melbourne, Australia
  4. tsmith35

    tsmith35 Registered Member

    Joined:
    Jan 26, 2008
    Posts:
    7
    I've had the same thing happening. NOD32 has started wiping out Windows system files, including Disk Manager and others. I've disabled NOD32 for now, but this isn't the first time NOD32 has caused chaos after an update.

    Funny, I'm only 3 days from needing to get a new NOD32 license... I don't know if I want to stay with NOD32 anymore.
     
  5. mister squishy

    mister squishy Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    1
    I started getting this too!

    I've actually got my computer unplugged from the Internet and was preparing to reinstall Windows and change all my passwords etc.--glad I checked here first!
     
  6. paulw1

    paulw1 Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    12
    I just restored those so called effected files from Quarantine so here's hopping that the PC boots OK tomorrow..
     
  7. Pokinpo

    Pokinpo Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    1
    Holy!
    Got this suddenly on several workstations, server, laptop... all behind redundant firewall hardware and figured that something did not seem right. So, my online query lead me to this thread. I am hoping this is a false positive and will hold off on deleting these files. I hope Eset jump on this quick - I know they will hate this to last into the Monday workday.
     
  8. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
  9. woodworker3

    woodworker3 Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    2
    I know that the false positive is fixed, but, my question is just a little different.

    What exactly is the Kryptik.JX trojan itself? Kryptik as in encryption? So Kryptik is a trojan that encrypts files maybe or is itself encrypted? JX is the version of the variant, of course.

    Just wondering what the real one actually does.
     
Thread Status:
Not open for further replies.