False Positive W32/Kryptik.BIV trojan



I got a notification from ESET of a malware problem. I feel it's a false positive. Can anyone confirm? I have attached the log details below.


Time;Scanner;Object type;Object;Threat;Action;User;Information;Hash;First seen here
15-02-2017 22:07:40;Real-time file system protection;file;C:\ProgramData\NVIDIA Corporation\Downloader\5b7887f28c7dfb735ce37bd449dcdcf6\GeForce_Experience_Patch_v1.0.exe;a variant of Win32/Kryptik.BIV trojan;cleaned by deleting (after the next restart);AVINESH\Avinesh;Event occurred on a file modified by the application: C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (3BEC3FD517731A410682E28373E0FFA1290E8B72).;4B99ABE5FC521FDB2CA170D681B19253A929636A;15-02-2017 22:07:17



This is a very old Kryptik detection triggered on an incomplete Nvidia file, i.e. the file cannot be executed and is corrupted. We'll see what we can do about it. You can temporarily exclude C:\ProgramData\NVIDIA Corporation\Downloader from scanning.
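
One way to check the "incomplete file" condition described in the reply above, added here as an example that is not part of the original thread and not ESET's detection logic: it compares the size a PE file's own section table requires with the bytes actually on disk. The function names and the sample image are hypothetical and constructed for illustration.

```python
import struct

SECTION_HEADER_SIZE = 40  # size of one IMAGE_SECTION_HEADER entry

def pe_truncation_report(data: bytes) -> dict:
    """Report whether a PE image is shorter than its headers say it must be."""
    actual = len(data)
    def result(status, expected=None):
        return {"status": status, "expected_min_size": expected, "actual_size": actual}

    if actual < 0x40 or data[:2] != b"MZ":
        return result("not-pe")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of "PE\0\0"
    coff_end = e_lfanew + 24                              # signature + COFF header
    if coff_end > actual:
        return result("truncated-headers", coff_end)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        return result("not-pe")
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = coff_end + opt_size                           # start of section table
    expected = table + SECTION_HEADER_SIZE * num_sections
    if expected > actual:
        return result("truncated-headers", expected)
    for i in range(num_sections):
        # SizeOfRawData and PointerToRawData sit at offsets 16 and 20 of each entry
        raw_size, raw_ptr = struct.unpack_from(
            "<II", data, table + i * SECTION_HEADER_SIZE + 16)
        if raw_size:
            expected = max(expected, raw_ptr + raw_size)
    status = "truncated-sections" if expected > actual else "complete"
    return result(status, expected)

def build_sample_pe() -> bytes:
    """Constructed sample: zeroed optional header, one 0x200-byte section at 0x200."""
    dos = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\x00\x00" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x102)
    optional = b"\x00" * 0xE0
    section = (b".text\x00\x00\x00"
               + struct.pack("<IIII", 0x200, 0x1000, 0x200, 0x200) + b"\x00" * 16)
    headers = dos + coff + optional + section
    return headers.ljust(0x200, b"\x00") + b"\xCC" * 0x200

if __name__ == "__main__":
    image = build_sample_pe()
    print(pe_truncation_report(image))        # full constructed image
    print(pe_truncation_report(image[:700]))  # simulated interrupted download
```

A "complete" result only means the section table is satisfied; data appended after the last section, such as an embedded signature, is not checked.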
