New NOD32 v4.2 Trojan In Registry!

Discussion in 'ESET NOD32 Antivirus' started by nosferatupc, Mar 16, 2010.

Thread Status:
Not open for further replies.
  1. nosferatupc

    nosferatupc Registered Member

    Joined:
    Mar 16, 2010
    Posts:
    4
    After install nod32 antivirus v4.2 downloaded from www.eset.eu, malwarebytes antimalware and spyware doctor also found trojan in windows registry keys.Is this fake or real?I dont know,please help!Old version nod32 v4.0 has been clean.

    Malwarebytes' Anti-Malware 1.44
    Database version: 3510
    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe (Security.Hijack)HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe (Security.Hijack)
     
    Last edited: Mar 16, 2010
  2. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,736
    Location:
    New York City
  3. nosferatupc

    nosferatupc Registered Member

    Joined:
    Mar 16, 2010
    Posts:
    4
    Thanks for fast reply!This is first time in v4.2 that found this.Before installation I checked whole HD and computer has been clean from spyware trojan etc.After setup I scan again and trojan found.Seems this is false positive alert between nod antivirus and anti spyware software.Im not sure?!
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Unless the "Debugger" value under that key is not flagged, you can consider it FP. The references to qgui.exe and ekrn.exe in the aforementioned registry key are indeed created by ESET.
     
  5. nosferatupc

    nosferatupc Registered Member

    Joined:
    Mar 16, 2010
    Posts:
    4
    I deleted this registry keys but I want to know is this two keys important for nod32 software functioning?For which purpose is this?Is it better leave or remove?
     
    Last edited: Mar 16, 2010
  6. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,736
    Location:
    New York City
Thread Status:
Not open for further replies.