Win32/Kryptik.X trojan

Discussion in 'ESET NOD32 Antivirus' started by maximx86, Oct 10, 2008.

Thread Status:
Not open for further replies.
  1. maximx86

    maximx86 Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    11
    Hello,

    I cannot get rid of this file. The dll file is being used by winlogon.exe. I tried restarting the computer many times but the file still appears. I also tried googleing both files not not much luck...

    Scanned disks, folders and files: Operating memory
    C:\WINDOWS\system32\iifgGYop.dll - a variant of Win32/Kryptik.X trojan - cleaned by deleting (after the next restart) - quarantined [1,2]

    Thanks!
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I'd suggest that you download Undll, browse for the dll and eventually restart the computer.
     
  3. maximx86

    maximx86 Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    11
    Marcos,

    I ran Ubuntu live and removed all the bad dlls. Nod32 recognised only iifgGYop.dll as a trojan but I found 4 more files (the had identical date/time).

    After I removed them (under Ubuntu) they appaeard in c:\.Ubuntu.trash and Nod32 found them all. But couldn't when the files were in %windir%\system32, wierd...

    Thanks for Undll app...
     
  4. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Could you please check if there was some driver, which caused undetection?
     
Thread Status:
Not open for further replies.