Привіт!👋🏻 Чим ми можемо допомогти?

Це поле може містити лише літери та пробіли.

Notification: "Suspicious files in the app directory."

28 грудня 2021 р. 13:04

Kryptex has a built-in antivirus to fight cryptocurrency thieves. Attackers hide viruses in folders added to antivirus exceptions so that the antivirus does not detect them. Kryptex scans its own folders and finds the virus even if the folders are in antivirus exclusions.

Do not add folders to antivirus exclusions. Add only separate files!

More information in our article 👈

If Kryptex detects suspicious files that have nothing to do with miners and Kryptex, it will warn you about the threat immediately:

Kryptex detected suspicious files in the app directory! These executables do not belong to Kryptex. Please, do not open these files. If you didn't place these files yourself, there is a very high chance your system is compromised!

What to do if Kryptex detects suspicious files?

First, we need to find the file. Go to the directory and find the file indicated by Kryptex. Enter the path to the file from the alert into the address bar of your explorer: %appdata%\kryptex\miners

Example of a virus in a folder with miners

Go to the VirusTotal site and drag the suspicious file to the page. Or click on "Choose File" and select the file in the window that opens.

Uploading the file to VirusTotal

If the file is marked as "PUA" or "CoinMiner" - this is ok, and there is no reason to worry. Kryptex may have worked as a false positive due to the way miners and antiviruses work. You are not in any danger.

Safe file scan result

If VirusTotal detects the program as "Trojan," "Virus" or "Backdoor," and most antivirus detect the malicious activity and lit up red, then it's a virus!

What are the threats from such viruses?

Some viruses can create a "Backdoor" on your system. That means it can get full remote access to your computer in background. You may not even notice it! In this case, two-factor authorization and complex passwords will be useless. An intruder will be able to control your computer and take actions "on your behalf."

It's dangerous! The detected files might be viruses hiding in Kryptex's exclusion folder. While your computer is infected, an intruder can hack into any of your accounts!

What to do after detection?

Change passwords from a safe device:

  1. Do not log in to email, Kryptex, cryptocurrency wallets, and financial services on the infected computer.
  2. Change your email password from another device. It's best to do this from your phone or tablet - other computers on your network may be infected, too. Without access to email, your money is safe.
  3. Change your password in Kryptex, too. Don't use the same password as in the mail! You can request to change your password here: https://www.kryptex.com/site/profile.

Clean your computer from viruses:

  1. If possible, it is advisable to reinstall Windows completely, using an original copy from Microsoft's site. Torrented assemblies and pirate "activators" are always stuffed with malware.
  2. If you cannot reinstall Windows, go to "Protection against viruses and threats" in Windows settings and remove all folders from antivirus exceptions. Only individual files should be in exceptions!
  3. Go to "Virus & threat protection" and start "Full scan." If you use another antivirus, run a full scan there.
  4. After that, start "Microsoft Defender Offline scan" there. The computer will reboot and scan the entire system in offline mode - this is the most reliable scan.

How can I improve my security?

Read more useful tips in our article 👈

Ця стаття доступна іншими мовами:

Share:

Dead-PC

Kryptex — програма для комп'ютера. Завантажте програму на свій ПК після реєстрації.

Зареєструватися