Trojan virus/ spyware that can uninstall itself?

is there a Trojan virus/ spyware already written/ developed that can uninstall itself whenever the hacker decides to?
so it will definitely be not detected by any antivirus / antispyware once it senses that the victim is now installing an antivirus/ anti- spyware?

for example, the virus/ spyware is controlled remotely by a hacker and its intention is to spy over me and then the hacker uninstalled it remotely so that i will not discover what happened?

because I'm really worrying whether there was indeed a spyware that was used against me in the past
but i just can not detect it now with my antivirus/ anti spyware (Microsoft Security Essentials) because the hacker or the intruder uninstalled it before i had the antivirus/ anti spyware?
thank you very much.
I really hope that this question will be answered.

Discussion is locked

Reply to: Trojan virus/ spyware that can uninstall itself?
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Trojan virus/ spyware that can uninstall itself?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
- Collapse -

Probably not a virus or trojan because they would have to be running for them to work.

But look up Rootkits, example explanation here;

Many anti-virus and anti-malware scanners can now find rootkits, but they change often and they are often difficult to find without special software, eg Sysinternals Rootkit Revealer.

Tell us what anti-virus you are running, and what other anti-malware scanners you are using.


- Collapse -
Im using Microsoft Security Essentials as Anti-virus/spyware

I'm using Microsoft Security Essentials as Anti-virus/spyware for now.

in the past, when I will probably get the trojan virus/ spyware, I'm using Avast.

so i also have an antivirus somehow running in my computer.

i'm just still worrying maybe it got past my antivirus that time which is Avast.

Btw, im not yet uninstalling my Avast and I'm running it now with Microsoft Security Essentials

i ran a full scan of Microsoft Security Essentials which took so long, more than 16 hours,

but it did not find any virus / spyware that will become an evidence of hacking that occurred

- Collapse -
What I see

is MSE and Avast. They are both anti-virus scanners with some anti-spyware scanning built in. But if you have both running in the background continuously then you may see some strange effects as they each fight for access to the same files to scan them.

The general, (but unwritten), rule is, use only one firewall and use only one anti-virus scanner as using two or more of each at the same time can cause conflict and performance issues.

However, in addition to the above, use two or more 'stand-alone' anti-malware scanners which do not run in the background but instead you run regular manual scans, say weekly or so, and the two that are often recommended in these forums are; the free versions of Malwarebytes Anti-malware and SUPERAntiSpyware

So, may be not a rootkit, but instead two AV's conflicting with each other.


- Collapse -
While Mark says it is UNWRITTEN ...

I will disagree and say that it is well documented to NOT use two Anti-Virus apps running in real mode and ESPECIALLY with Microsoft Security Essentials. This is what Microsoft advises:

Note where it says "Remove ALL real-time anti-malware products that were ever installed on your PC (Norton, McAfee, TM, AVG, Avast, Avira, ESET, etc.) Uninstall your previous real-time anti-malware. Then, use the removal/cleanup tools in this thread. Not only should you remove your current anti-malware product(s), you should also uninstall any free or trial anti-malware products that may have been installed on your PC when purchased, even if never activated. "

I would also recommend the Sophos Anti-Rootkitrather than the older Sysinternals utility as I have found it to be more efficient:

Before your "hacker" worries cause unhealthy high blood pressure could you maybe tell us WHY you think you were "hacked" and what virus or spyware you think was installed on your computer. Doing so might enable us to offer more specific suggestions or possibly even to alleviate your worries - most such turn out to be baseless and non-existent.

- Collapse -
I agree, but

what I meant, and failed to clarify sufficiently, was that for general users there is no easy advice about this. It isn't intuitive in the sense that Windows doesn't tell us not too install more than one AV, and while some anti-virus setup procedures might tell the user to uninstall any other version before continuing, it is all a bit hit and miss.


- Collapse -
Viruses that remove itself at the end of theri missions

It reminded me our informatics course down at the past, and yea it might happen to be programmed like that, so at the end it destroy itself... but it isn't an really virus but an malware. Anyway, you can test by your self and all you need is just "Notepad.exe" and just some information.
Type on page of Notepad:

@echo off
echo this is a virus /* or whatever you like */
del filename.txt /* a file name that you know that is there down on the location for delete */
del virus.bat /* at this moment the batch file virus destroy itself without let you out understand what happened */

Now on menu File > SaveAs name the file as virus.bat and put on same folder of the file for delete and click.

This way we used to destroy systems, but now it works the same for USB Drive - but it is sometime called autorun.inf or modified the file that some usb have for some reasons (let say for logo on load) have, but that is just the load and not the virus. Because 16bit applications mostly don't work normally on newer OS, the same idea is worked but with other applications rather than Notepad.exe and the "autorun.inf" just call the real virus.

If you create this batch file just for learning and scan with antivirus it seams to be ok and just a few Antivirus check the code inside. but if you change the period from .but to .exe or .com then the virus will work and the Antivirus is not going to check the code anymore because for it, this is a binary file and even for your OS.

Lastly, a virus can not inject itself and destroy itself, because the memory it would be full because of infinite process of self inject and self destroy. these are named and classified as malware and backdoor trojans are just a bridge to let you after inject your virus, file or whatever you want to pass to your enemy.

See U on Facebook

- Collapse -
Your comment

"This way we used to destroy systems".

Remind me never to contact you.

And by the way, thanks for the note about the notepad trick in your reply to me. I knew it already.

I don't use Facebook, and with you there, I'm pleased I don't.


- Collapse -
but can a spyware...

but can a spyware, the one that is actually made and used stealthily, be injected and/or remove unnoticeably?
or in other words, can it be remove while making it secret to the victim? or not leaving any signs?

if it was really exploited to the victim, will it have to leave any traces? will it be detected by my antivirus which is microsoft security essentials by detecting some malicious files that is a showing evidence?

or can it be remove entirely, including all possible trace of evidence, as if it seem to have never happened?

by runnning a full scan of microsoft security essentials and finding out no malicious files entirely, can we really say that there was no case of hacking or exploitation of spyware occurred?

because i am really worrying because i feel that there really is a hacking occurred. but i just could not find any evidence. i just feel it. it appears to my dream. Sad

- Collapse -

But to do that you will have to have let the "Hacker" in in the first place. Using a firewall will help protect against that, but no firewall will prevent you as the user clicking Yes to some scam or other, or downloading and installing some software app that lets the hacker in.

No anti-virus will catch everything, not MSE, nor an of the other recognised anti-virus scanners. That's why we also use manual scanners like Malwarebytes' Anti-malware and SUPERAntispyware to help find those malware things that AVs do not detect.

But again, at the end of the day, malware writers and hackers are powerless if we are on our guard. We are the first defense and the best defense.


- Collapse -
here it is...

here it is, it is because i have been worrying that my computer, which is a laptop, is hacked in the sense that it comes to the point that my built-in webcam is hacked.
it's really scary.
is this even possible?
if so, what can i do now?
i already ran a scan of microsoft security essentials and it found no related malicious files.
am i already safe? probably for now.
but, what about in the past?
what if i am being hacked in the past?
how do i know?
what if the hacker just stopped hacking because he sensed that my computer is getting protected by microsoft security essentials?
what if he just deleted the files that will be counted as an evidence of the compromising being done?
is this possible?
can he really spy on me and decide to stop spying after he discovered that he will probably be found out.
in the past, as i mentioned earlier, i used an antivirus which is avast.
i also do not let anyone other than me and my family touch my computer/laptop.
i also am not turning off my firewall which is windows built-in windows firewall, since the time i bought my laptop.
am i already safe at this point?
do i not have anything to worry about then now?
now, i am installing a free version of SUPERAntiSpyware, and will run a quick scan of it.
i wonder if it could find any malicious file related to a sinister action like webcam hacking.
i hope there will be no malicious files.

- Collapse -

But if you continue down this road you may end up being so paranoid that you remove all enjoyment of using these things.

There are ways to avoid all this such as running the OS from CD which is read only. Example at link.


CNET Forums

Forum Info