Welcome, Guest. Please login or register.
December 01, 2009, 09:10:38 AM

Login with username, password and session length

339043 Posts
37532 Topics
85141 Members

Latest Member: ric158

Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Archive Boards
| |-+  Comodo Firewall
| | |-+  Help for v3
| | | |-+  False positives in V3 Malware scanner [Merged Threads]
« previous next »
Pages: [1] 2 3 4 Go Down Print
Author Topic: False positives in V3 Malware scanner [Merged Threads]  (Read 19291 times)
pentium d
Newbie
*
Offline Offline

Posts: 7



« on: February 11, 2008, 09:08:20 AM »

Hello ! Just want to ask for the  opinions here if I should delete the threat that i'm getting whenever i do the  CFP virus scan.    STATUS > AplicUnsafe.Win32.HackAV.G       LOCATION>  C: Program Files \ ESET\Nod32.fix.reg                CPU is performance is  ok. In addition to CFP I have an anti-spyware  >  AD-Aware 2007          and an anti-virus   NOD32  v2.7.              Im using Windows XP, service Pack 2.   Your responses will be highly appreciated.    Laugh
Logged
Vettetech
Guest
« Reply #1 on: February 11, 2008, 09:54:06 AM »

That sounds like you have a hacked version of NOD32. Did you download a warez crack so you can get NOD32 for free?
Logged
Ragwing
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 3451



« Reply #2 on: February 11, 2008, 12:37:20 PM »

Crack, keygens and hack tools are often identified as malware, but are usually safe to use.
Since it's a .reg-file, you can easiliy open it with NotePad and check what registry keys it add/removed/modifies. If there's no suspicious keys affected, then it's safe to keep.

Cheers,
Ragwing
Logged

pentium d
Newbie
*
Offline Offline

Posts: 7



« Reply #3 on: February 11, 2008, 08:08:07 PM »

Thanks for the replies.  Sir Ragwing,  I opened up the .reg-file using Notepad and me being not a techie and just a newbie can't decipher what it says...  REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Info]
"View_CLSID"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\Update\Settings]
"DefaultServerCount"=dword:0000000a
"DefaultServer0"="http://u20.eset.com/nod_eval/"
"DefaultServer1"="http://u21.eset.com/nod_eval/"
"DefaultServer2"="http://u22.eset.com/nod_eval/"
"DefaultServer3"="http://u23.eset.com/nod_eval/"
"DefaultServer4"="http://u24.eset.com/nod_eval/"
"DefaultServer5"="http://89.202.157.135/nod_eval/"
"DefaultServer6"="http://89.202.157.136/nod_eval/"
"DefaultServer7"="http://89.202.157.137/nod_eval/"
"DefaultServer8"="http://89.202.157.138/nod_eval/"
"DefaultServer9"="http://89.202.157.139/nod_eval/"
"DefaultServer10"="http://u29.eset.com/nod_eval/"
"DefaultServer11"="http://u28.eset.com/nod_eval/"
"DefaultServer12"="http://u29.eset.com/nod_eval/"
"DefaultServer13"="http://u27.eset.com/nod_eval/"
"DefaultServer14"="http://u28.eset.com/nod_eval/"
"DefaultServer15"="http://u29.eset.com/nod_eval/"
"DefaultServer16"="http://u29.eset.com/nod_eval/"
                  Did it modified my registry keys? Is it safe to keep?
Logged
Vettetech
Guest
« Reply #4 on: February 11, 2008, 09:12:32 PM »

You never answered the question. Do you have a valid license for NOD32 or are you running a crack or keygen? That file that Comodo found is a registry crack for NOD32 license. That notepad reading are your NOD32 update servers. If you uninstall NOD32 then those files will be gone.
Logged
pentium d
Newbie
*
Offline Offline

Posts: 7



« Reply #5 on: February 11, 2008, 10:24:57 PM »

Vettetech, honestly, I have no idea whether the nod32 anti virus software  installed on my PC is legit or not.  A reformat was done on my CPU last November at the shop where I bought it 2 months earlier. I requested to a  technician to put in place an anti virus program. He chosed two,  a nod32 v2.7   and AVG v. 7.5. They worked well and without conflict at all. Since im no techie and just a noob , i started to browse online PC forums for tweaks and tips , like this one from Comodo.  That's when I learnt that having 2 AV's isn't advisable at all.  Besides, i noticed that the AVG is popping up a window telling me that I had a pirated version whenever I do the definition updates. The nod32 on the other hand is doing its job, quietly and no pop-up's or notices that my copy is illegal, so I assumed that it is a free authentic version.   So then i decided to uninstall the AVG and instead have an AD-Aware 2007 anti-spyware and a Comodo firewall , both   free downloads. Works great, no incompatibility issues between those three. I was just a bit perplexed on the virus scan result of Comodo which I posted above. Sir/s , How should i know if my nod32 is a genuine copy or not?  The nod 32, the AD-aware 2007 and the AVG before were in fact not showing the threat on their scans .Should i uninstall the nod32?  My  PC s workin' perfectly and showing no signs of virus infestation...Thanks for your help (R)
Logged
Soyabeaner
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 7655



« Reply #6 on: February 11, 2008, 10:35:06 PM »

I think you should ask Eset, NOD32's vendor about its validity.

http://www.eset.com/company/contact.php
http://www.wilderssecurity.com/forumdisplay.php?f=15
Logged
Vettetech
Guest
« Reply #7 on: February 11, 2008, 10:45:47 PM »

Well in order to get NOD32 you need to pay for it. I know the cracks for NOD32 2.7 and thats one of them that you have. NOD32 is now changed to 3.0. If it shows no user name or password then its a cracked version. If the guy who worked on your pc never gave you a user name or password for NOD32 then he installed a cracked version of NOD32 2.7. You can ignore the warning Comodo give you but I am tell you its a crack. Its called NOD Fix 2.1. You can find it in a warez site. I cannot link you to a site cause its against policy but I am telling you the truth. You have an illegal copy of NOD32 with a registry fix so you can use the trial servers. Thats why it says EVAL. Those are trail servers and not the servers you get when you but NOD32. BTW I am a member of Wildersecurity and they do not like talk of warez.

« Last Edit: February 11, 2008, 10:47:47 PM by Vettetech » Logged
Vettetech
Guest
« Reply #8 on: February 11, 2008, 10:56:53 PM »

If you open up NOD32 and click on the click on the NOD32 tab under threat protection modules that should bring up your scanner options. On the bottom right you should see a NOD32 label. Also if you do a complete scan for unwanted programs it will find it. Also look to see if the reg fix is in the scanner exclusions.
Logged
ganda
ninja
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 5555


temporary avatar


« Reply #9 on: February 12, 2008, 12:04:29 AM »

I think you should ask Eset, NOD32's vendor about its validity.

http://www.eset.com/company/contact.php
http://www.wilderssecurity.com/forumdisplay.php?f=15
nah, just uninstall them and use freeware like Antivir or Avast.  Cheers
btw, is it OK to run 2 AVs? NOD32 & AVG Huh
Logged

word of wisdom: do not do to others what you would not like to be done to you unless you have a rocket launcher
Soyabeaner
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 7655



« Reply #10 on: February 12, 2008, 12:30:24 AM »

nah, just uninstall them and use freeware like Antivir or Avast.  Cheers
btw, is it OK to run 2 AVs? NOD32 & AVG Huh

Why are you asking us now?  Don't you run 50+ different AV's at all times Huh
Logged
ganda
ninja
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 5555


temporary avatar


« Reply #11 on: February 12, 2008, 01:51:03 AM »

Why are you asking us now?  Don't you run 50+ different AV's at all times Huh
don't make me add more  Angry to my sig
Logged

word of wisdom: do not do to others what you would not like to be done to you unless you have a rocket launcher
Vettetech
Guest
« Reply #12 on: February 12, 2008, 07:13:02 AM »

One other clue should be if you look at your expiration date it should say something outrageous like 200000 days. If you remove the fix then NOD32 will stop working and say invalid user name and password. Just uninstall it and use Avast. Far better then AVG.
Logged
pentium d
Newbie
*
Offline Offline

Posts: 7



« Reply #13 on: February 12, 2008, 09:00:45 AM »

Thanks guys specially to Vettetech for your replies. I really appreciated it. As per your advice, I now uninstalled nod32 and downloaded Avast Home Edition Anti virus software in its place. So far so good. Seems my onboard security programs are working in sync.          To : ganda       I didn't noticed any symptoms of incompatibility between AVG anti virus and Nod32 when they are both installed on my OS at the same time. Inspite of the fact  now that its quite obvious that those two AV software loaded  on my system were unfortunately  cracked copies  Laugh
Logged
Vettetech
Guest
« Reply #14 on: February 12, 2008, 09:34:03 AM »

If I were you I would quesion the guy who worked on your pc. Doesn't seem like an honest person. Did he charge you for NOD32? Your welcome. BTW you can change the skin on Avast. There are tons to download on there site. You can also shut off the sounds so you dont here the voices when it updates.  Comodo Loves You
Logged
Tags:
Pages: [1] 2 3 4 Go Up Print 
« previous next »
Jump to:  

SSL Certificate Free Virus Removal Firewall
Page created in 0.045 seconds with 18 queries.
Powered by SMF 1.1.10 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks
Design by 7dana.com