Win32/Kryptik.X trojan

Discussion in 'ESET NOD32 Antivirus' started by maximx86, Oct 10, 2008.

Thread Status:
Not open for further replies.
  1. maximx86

    maximx86 Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    11
    Hello,

    I cannot get rid of this file. The dll file is being used by winlogon.exe. I tried restarting the computer many times but the file still appears. I also tried googleing both files not not much luck...

    Scanned disks, folders and files: Operating memory
    C:\WINDOWS\system32\iifgGYop.dll - a variant of Win32/Kryptik.X trojan - cleaned by deleting (after the next restart) - quarantined [1,2]

    Thanks!
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    I'd suggest that you download Undll, browse for the dll and eventually restart the computer.
     
  3. maximx86

    maximx86 Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    11
    Marcos,

    I ran Ubuntu live and removed all the bad dlls. Nod32 recognised only iifgGYop.dll as a trojan but I found 4 more files (the had identical date/time).

    After I removed them (under Ubuntu) they appaeard in c:\.Ubuntu.trash and Nod32 found them all. But couldn't when the files were in %windir%\system32, wierd...

    Thanks for Undll app...
     
  4. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Could you please check if there was some driver, which caused undetection?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.