Hi all,
I have McAfee and spy bot guarding my system but something seems to have gotten through the net. Initially mcafee jumped into action on "nod64" I think it was, it was only there for a second. And I denied requests with spybot when nod 32 was asking to change the registry.
Mcafee, spybot and adaware all scan clean but malwarebytes shows this...
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Nod32 Service (Backdoor.Bot) -> Quarantined and deleted successfully
But this entry reappears instantly, even when deleted by hand
It was originally linked to cmd.exe, so I've edited the reg value (just incase that helps
)
I've tried many things to try and resolve this
cwshredder, fxagentB, smitfraud and many scans (all of which were in safe mode)
I even had a look with autoruns and killed everything except antivirus processes and still it persists.
I've searched all over the net but the only info I can find is that nod32 service is a bad thing, not how to sort it out. So if you could please offer some advice it would be greatly appreciated.
Thanks in advance
S
I have McAfee and spy bot guarding my system but something seems to have gotten through the net. Initially mcafee jumped into action on "nod64" I think it was, it was only there for a second. And I denied requests with spybot when nod 32 was asking to change the registry.
Mcafee, spybot and adaware all scan clean but malwarebytes shows this...
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Nod32 Service (Backdoor.Bot) -> Quarantined and deleted successfully
But this entry reappears instantly, even when deleted by hand
It was originally linked to cmd.exe, so I've edited the reg value (just incase that helps
)I've tried many things to try and resolve this
cwshredder, fxagentB, smitfraud and many scans (all of which were in safe mode)
I even had a look with autoruns and killed everything except antivirus processes and still it persists.
I've searched all over the net but the only info I can find is that nod32 service is a bad thing, not how to sort it out. So if you could please offer some advice it would be greatly appreciated.
Thanks in advance
S
