Niwus.exe is a virus or spyware?

krazymate · 15 Feb 2010

lol sorry guys just giving him some advice !
but ye you should ask a more required helper
cheers :) !

Jacee · 15 Feb 2010

Type regedit in the start seach box. Click on the icon .... now look for (by expanding each selection)
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
Delete niwus if found.

Damarwulan · 18 Feb 2010

many thanks for your all reply...
and here the following analysis of the virus total that I have uploaded a few days ago:

File niwus.exe received on 2010.02.13 09:19:24 (UTC)
Current status: finished
Result: 19/41 (46.34%)

Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.02.13 Trojan-Dropper.Agent!IK
AhnLab-V3 5.0.0.2 2010.02.12 -
AntiVir 7.9.1.160 2010.02.12 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2010.02.13 -
Authentium 5.2.0.5 2010.02.13 -
Avast 4.8.1351.0 2010.02.12 Win32:Malware-gen
AVG 9.0.0.730 2010.02.12 -
BitDefender 7.2 2010.02.13 -
CAT-QuickHeal 10.00 2010.02.13 -
ClamAV 0.96.0.0-git 2010.02.13 -
Comodo 3920 2010.02.13 TrojWare.Win32.TrojanDropper.Agent.bkhq
DrWeb 5.0.1.12222 2010.02.13 -
eSafe 7.0.17.0 2010.02.11 Win32.TRDropper
eTrust-Vet 35.2.7300 2010.02.12 -
F-Prot 4.5.1.85 2010.02.12 -
F-Secure 9.0.15370.0 2010.02.13 -
Fortinet 4.0.14.0 2010.02.13 W32/Agent.BKHQ!tr
GData 19 2010.02.13 Win32:Malware-gen
Ikarus T3.1.1.80.0 2010.02.13 Trojan-Dropper.Agent
Jiangmin 13.0.900 2010.02.08 TrojanDropper.Agent.aiqr
K7AntiVirus 7.10.972 2010.02.12 Trojan-Dropper.Win32.Agent.bkhq
Kaspersky 7.0.0.125 2010.02.13 Trojan-Dropper.Win32.Agent.bkhq
McAfee 5890 2010.02.12 -
McAfee+Artemis 5890 2010.02.12 Artemis!A3F4085D7B0E
McAfee-GW-Edition 6.8.5 2010.02.13 Trojan.Dropper.Gen
Microsoft 1.5406 2010.02.13 -
NOD32 4862 2010.02.12 -
Norman 6.04.08 2010.02.12 -
nProtect 2009.1.8.0 2010.02.13 Trojan-Dropper/W32.Agent.1675205
Panda 10.0.2.2 2010.02.12 Trj/Downloader.MDW
PCTools 7.0.3.5 2010.02.13 Trojan.Generic
Prevx 3.0 2010.02.13 -
Rising 22.34.01.03 2010.02.11 Dropper.Win32.DotNet.a
Sophos 4.50.0 2010.02.13 -
Sunbelt 5675 2010.02.13 -
Symantec 20091.2.0.41 2010.02.13 Trojan Horse
TheHacker 6.5.1.4.191 2010.02.13 -
TrendMicro 9.120.0.1004 2010.02.13 -
VBA32 3.12.12.2 2010.02.12 Trojan-Dropper.Win32.Agent.bkhq
ViRobot 2010.2.13.2186 2010.02.13 -
VirusBuster 5.0.21.0 2010.02.12 -

Additional information File size: 1675205 bytes MD5 : a3f4085d7b0ef568417f77aab1c419d4 SHA1 : 4bae0206f964af933ba64312ef8e2a740cff027f SHA256: 787fac9a7a1e4c2e40596e8455cf548c5a0b1577e48c22bb6feff3329769e565 PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3213E
timedatestamp.....: 0x4B27F03C (Tue Dec 15 21:23:24 2009)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x2000 0x30144 0x30200 7.98 680bc6b61da4bcfbf189fbf06a25af62
.sdata 0x34000 0x6E 0x200 1.63 83ffd7587ae4141748d42dc788d4ee59
.rsrc 0x36000 0xA3C 0xC00 4.42 5389ec9df06e82fc816dfcdcf987a755
.reloc 0x38000 0xC 0x200 0.10 f69b4c42ddbfebb4afb585957632447e

( 1 imports )

> mscoree.dll: _CorExeMain

( 0 exports )
TrID : File type identification
Generic CIL Executable (.NET, Mono, etc.) (72.5%)
Windows Screen Saver (12.9%)
Win32 Executable Generic (8.4%)
Win16/32 Executable Delphi generic (2.0%)
Generic Win/DOS Executable (1.9%) ssdeep: 12288:jvQG/UIHmNLsdXcXovVVZIIs+KjNf+VQ52L:ktIG58EAV0+8Nf+AY sigcheck: publisher....: Microsoft
copyright....: Copyright (c) Microsoft
product......: n/a
description..:
original name: stub.exe
internal name: stub.exe
file version.: 1.0.0.0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD : - RDS : NSRL Reference Data Set
-

but I wonder why my AVG did not detect anything?, do I have to change the anti-virus?
once again ...., what is the best antivirus?

Corrine · 18 Feb 2010

but I wonder why my AVG did not detect anything?, do I have to change the anti-virus?
once again ...., what is the best antivirus?

Not every antivirus software or anti-malware software has the identical detections. If they did, why would there be multiple products?

As to asking which A/V is the best product, you could receive as many recommendations as people who respond to your question because it seems everyone has a favorite. :) The best A/V product is the licensed or free A/V that works well on your computer and has the features you are comfortable with.

A/V is not the only line of defense. A good anti-malware software with real-time protection as well as keeping your software up to date with all security updates. This does not mean just Microsoft security updates but also products by Adobe and Oracle SunJava.

Now that the "lecture" is over

, have you run Malwarebytes as previously suggested?

krazymate · 19 Feb 2010

Definatly you need a new anti virus Avg is no good for you
im not a big fan of it myself it runs extra programs in the task manager which helps slow your pc down
it wont be any good for you
Yes there is free antivirus software out there BETTER than Avg
such as
Avast - it gives you a online scanner to so if any sites you may come across which leaks a bug through your pc it will pick it up straight away i like to say its like NOD 32 it does exact same job i have it myself.
Malwarebytes - this is a great ! scanning program but if its thhe free version you wont be able to run it full time unless you have a serial key but its great for detecting spyware trojans etc...
NOD32 - this i would certainly recomend no no its not free i know
but put it this way
it will do everything you want it to do it will pick up your socks and put them in your draw !
im sure you can get it off siites i cant say because its windows 7 forum i goot a warning already lol
but have a look round anyway but certainly
ii would recomend get a new antiivirus !
Good Luck !