Notification: "Suspicious files in the app directory."
Kryptex has a built-in antivirus to fight cryptocurrency thieves. Attackers hide viruses in folders added to antivirus exceptions so that the antivirus does not detect them. Kryptex scans its own folders and finds the virus even if the folders are in antivirus exclusions.
Do not add folders to antivirus exclusions. Add only separate files!
More information in our article 👈
If Kryptex detects suspicious files that have nothing to do with miners and Kryptex, it will warn you about the threat immediately:
What to do if Kryptex detects suspicious files?
First, we need to find the file. Go to the directory and find the file indicated by Kryptex. Enter the path to the file from the alert into the address bar of your explorer: %appdata%\kryptex\miners
Go to the VirusTotal site and drag the suspicious file to the page. Or click on "Choose File" and select the file in the window that opens.
If the file is marked as "PUA" or "CoinMiner" - this is ok, and there is no reason to worry. Kryptex may have worked as a false positive due to the way miners and antiviruses work. You are not in any danger.
If VirusTotal detects the program as "Trojan," "Virus" or "Backdoor," and most antivirus detect the malicious activity and lit up red, then it's a virus!
What are the threats from such viruses?
Some viruses can create a "Backdoor" on your system. That means it can get full remote access to your computer in background. You may not even notice it! In this case, two-factor authorization and complex passwords will be useless. An intruder will be able to control your computer and take actions "on your behalf."
It's dangerous! The detected files might be viruses hiding in Kryptex's exclusion folder. While your computer is infected, an intruder can hack into any of your accounts!
What to do after detection?
Change passwords from a safe device:
- Do not log in to email, Kryptex, cryptocurrency wallets, and financial services on the infected computer.
- Change your email password from another device. It's best to do this from your phone or tablet - other computers on your network may be infected, too. Without access to email, your money is safe.
- Change your password in Kryptex, too. Don't use the same password as in the mail! You can request to change your password here: https://www.kryptex.com/site/profile.
Clean your computer from viruses:
- If possible, it is advisable to reinstall Windows completely, using an original copy from Microsoft's site. Torrented assemblies and pirate "activators" are always stuffed with malware.
- If you cannot reinstall Windows, go to "Protection against viruses and threats" in Windows settings and remove all folders from antivirus exceptions. Only individual files should be in exceptions!
- Go to "Virus & threat protection" and start "Full scan." If you use another antivirus, run a full scan there.
- After that, start "Microsoft Defender Offline scan" there. The computer will reboot and scan the entire system in offline mode - this is the most reliable scan.
How can I improve my security?
Read more useful tips in our article 👈