Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 285
  • Last Modified:

Program infected by Trojan.Win32.RegKill.e .

I have compiled a program for installation and someone reverted that it is being infected by Trojan.Win32.RegKill.e .

I have scanned through my all the folder in my machine using trendmicro and spyhunter. Nothing was found.

So ,I went into the registry and lookout for files such as execute.exe, pif.tif and freakme.txt .

I have removed them from my machine and recompile the installation files, however they are still being infected by the virus.

Can anyone pls advise.
1 Solution
Give hijackthis a go
Download it
Put it in it's own folder
run it
paste the log at the site
fix the suggested nasty changes.

Also do a virusscan.

Get either of those free ones.

Now when scanning for spyware/virii remember the following
scan in safemode (too)
when scanning disconnect from the internet / any network
Reboot twice and scan again
When scanning end task on explorer.exe

See if that sorts it.
If not maybe you would like to try any of these:
CWshredder http://www.majorgeeks.com/download4086.html
Spybot : http://www.download.com/3000-8022-10122137.html
adaware : http://www.lavasoftusa.com/
STINGER : http://vil.nai.com/vil/stinger/ 
http://housecall.trendmicro.com/ online scan for trojans
http://www.spychecker.com/program/coolwebshredder.html CWshredder
http://www.spychecker.com/program/hijackthis.html download
http://www.hijackthis.de/index.php?langselect=english check the log
Well if you compiled a program with sourcecode you can trust it's highly unlikely that it is a virus.

Maybe if it's a rather common application, you might check google with "ApplicationName" + Trojan.Win32.RegKill

If there is is no evidence, it's a false alarm.

Especially if no other file on your HD is infected with this "virus".

I would excludde that file from scanning in your virus scanner and send it for further inspcetion to the antivirus  manufacturer.

If the trojan is getting into your app it might have infected one of the obj files.
Make sure you delete all intermediate files before recompiling.
Get rid of any obj and pch and any other intermediate files that your compiler creates..
Some compilers won't recreate these files if they don't have to. If one of them is infected it will keep showing up in your final  binary.
 does your app have any dependencies on other files.
maybe one of them is infected.
If there is no other evidence of the trojan then it might be possible that the identifying signature of the trojan is very similar that of your app giving a false positive from the anti-virus software. Although this is very rare.

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now