Scan and hidden program problem

Discussion in 'ESET Smart Security' started by gberns, Jul 24, 2009.

Thread Status:
Not open for further replies.
  1. gberns

    gberns Registered Member

    Joined:
    May 2, 2004
    Posts:
    131
    The other day when I plugged in my external USB disk to do a backup I found a program had been installed on the disk. I had no idea what it did or how it got there. Was unable to use it using usual tools as program did not show up on the list. I therefore did a brute removal. Today all my computer wants to do is run this program and keeps reporting it can't find it (which is no surprise.) Ran a full scan and ESS 4 found only one problem which it said "might" be a variation of a trojan. However I have had that file for five years and know it's okay. Went to quarantine to try and return it to its proper location and found three files which had all be removed at same time and assigned different names.

    Question #1 How do I return this file to its original form and location.

    Question #2: How do I fine the program which is trying to run so I may delete whatever needs to be deleted. Have searched for it and run CC Cleaner's registry app with no results.

    Many thanks.

    Gary Berns
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    what file does it want to run? what file was found as possible trojan did you let Eset know about it, in case it is false positive as you think? using CC go to tools/startup and see what is running there
     
  3. gberns

    gberns Registered Member

    Joined:
    May 2, 2004
    Posts:
    131
    I can not figure out what it is trying to run. Event viewer is no help and my startup programs are correct.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,764
    Location:
    Texas
    Use SysInspector within ESS and Autoruns to see what is running on your computer.
     
  5. gberns

    gberns Registered Member

    Joined:
    May 2, 2004
    Posts:
    131
    I was mistaken when I said the problem was on the external drive. It turned out to be on the flash drive I use for ready boost under vista. I looked at it again and found autorun inf file. I have now removed it and the problem may be gone. What probably happened was that every time ready boost was used the autorun file was triggered.


    Incidentally, I still have no idea how Gaviri Search got on there.
     
Thread Status:
Not open for further replies.