TechSpot

Antivirus suddenly gone

By Anarchro
Feb 13, 2008
  1. Hi
    A week ago I noticed that my electronic agenda (Unforgiven Organizer) had dissapeared. The .exe was gone. I wasn't troubled, as it is quite old "sisterware". Then some time later I noticed my NOD32 Control Centre was gone too, including the .exe - now I was alarmed.
    I tried to do a systemrestore, which failed. Then I ran NOD32. (the control centre was gone, but I could still use the scan.)
    It came up with these infections:
    Win32 / Genetik Trojan
    in:
    ahead/lib/nerocheck.exe
    ati.ace/cli.exe
    distillr/acrotray.exe
    nod32kui.exe
    mouseelf.exe
    jac\va/jre1.6.0.03/bin/jusched.exe
    ftd watchdog
    ahead/lib/nmbgmonitor.exe


    After that I performed the actions as written at topic58138.

    I'm not absolutely certain, but I think that panda antirootkit didn't find anything. I wrote down everything that was found, and I didn't write anything when I used Panda. But if you want me to run it again, please say so.

    I runned Trend Micro antivirus (free version) as NOD seemed to be infected too, and it found some vulnerabilitiies and these:
    BKDR-Generic
    TROJ-Generic
    Hackingtools_hidewin
    HKTL_Hidewin.AA


    The last one was in cmdow.exe. I know cmdow is sometimes seen as a virus while it isn't. To be sure I deleted it and downloaded a new one.

    After running AVG antispyware I got the message that CLI.Implementation or one of its dependencies was not found. I got this message just once.

    I attached the results of the scans.
    Should I still be worried?
    Thanks a lot for helping out!!!

    There
    After running
     
  2. Route44

    Route44 TechSpot Ambassador Posts: 12,172   +37

    Anarcho, I run NOD32 as well. I don't have a definitive answer for you but I would certainly post this over at the Widers Security Forum at www.wilderssecurity.com which is the official ESET NOD32 forums. They are very good at helping with what you are experiencing. This information is vital to them.

    That being said, if you haven't already, I would also read the stickys provided here at TechSpot about how to clean your system up. Its good stuff.

    Let us know how it goes.
     
  3. Anarchro

    Anarchro TS Rookie Topic Starter

    Hi Route44, thanks for responding so fast.
    Actually I already used the (great!) tips in the sticky topic58138. Sorry, as I'm new to the board, I can't post links yet.
    I'll check out the forums at NOD.

    Could somebody here please tell if I'm safe now, looking at the attachements above?
    I'm not experienced enough to see at the Hijacklog what might still be a trojan, and what is normal behaviour for a program.
    Thanks!
     
  4. Anarchro

    Anarchro TS Rookie Topic Starter

    Hi peeps. Could somebody please take a look at the attachements above and tell me if I'm safe now, or if I still have trojans? Thanks!
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.