Win32/Krypitik

[Dump Kids 0]

hello, can anyone help me? on one of my windows server, I get Win32 / Krypitik virus and always display notifications from eset like this

I might include a log from the PC :

log collector : https://www.dropbox.com/s/ctbzduwtt10qkgj/efsw_logs.zip?dl=0

Process Monitor : https://www.dropbox.com/s/1avpmd885jsplgt/Logfile.PML?dl=0

Report from ERA : https://www.dropbox.com/s/wjnsceyit4u8m50/Detailed quarantined objects Server ESET.pdf?dl=0

Thanks before,

Kings Regards

[Marcos 5,074]

Is the malware being detected after a system restart? Even if you disconnect the computer from network?

The Process Monitor log you've created is not from a boot. Please generate a boot log as per the instructions at https://support.eset.com/kb6308 , section Gather boot log files.

 

[Dump Kids 0]

1 hour ago, Marcos said:

The Process Monitor log you've created is not from a boot. Please generate a boot log as per the instructions at https://support.eset.com/kb6308 , section Gather boot log files.

 

Hi Marcos,

This Proces monitor from a boot : https://www.dropbox.com/s/qcvb3nhwyssvbwf/1 1 - Logfile.PML?dl=0

1 hour ago, Marcos said:

Is the malware being detected after a system restart? Even if you disconnect the computer from network?

malware can still detect it again and he kills the explorer.exe process when eset issues a notification.
I don't have try to disable the network, and some PCs on the network are also infected with the trojan.

[Dump Kids 0]

Hellow, 

My problem has been resolved, by updating my windows.

Thanks before