False positives in V3 Malware scanner [Merged Threads]

Hello! Just want to ask for the opinions here if I should delete the threat that I’m getting whenever I do the CFP virus scan. STATUS > AplicUnsafe.Win32.HackAV.G LOCATION > C:\Program Files\ESET\Nod32.fix.reg CPU performance is ok. In addition to CFP I have an anti-spyware > AD-Aware 2007 and an anti-virus NOD32 v2.7. I’m using Windows XP, Service Pack 2. Your responses will be highly appreciated. (:LGH)

That sounds like you have a hacked version of NOD32. Did you download a warez ■■■■■ so you can get NOD32 for free?

■■■■■, keygens and hack tools are often identified as malware, but are usually safe to use.
Since it’s a .reg-file, you can easily open it with NotePad and check what registry keys it adds/removes/modifies. If there are no suspicious keys affected, then it’s safe to keep.

Cheers,
Ragwing

Thanks for the replies. Sir Ragwing, I opened up the .reg-file using Notepad and me being not a techie and just a newbie can’t decipher what it says…

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Info]
"View_CLSID"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\Update\Settings]
"DefaultServerCount"=dword:0000000a
"DefaultServer0"="http://u20.eset.com/nod_eval/"
"DefaultServer1"="http://u21.eset.com/nod_eval/"
"DefaultServer2"="http://u22.eset.com/nod_eval/"
"DefaultServer3"="http://u23.eset.com/nod_eval/"
"DefaultServer4"="http://u24.eset.com/nod_eval/"
"DefaultServer5"="http://89.202.157.135/nod_eval/"
"DefaultServer6"="http://89.202.157.136/nod_eval/"
"DefaultServer7"="http://89.202.157.137/nod_eval/"
"DefaultServer8"="http://89.202.157.138/nod_eval/"
"DefaultServer9"="http://89.202.157.139/nod_eval/"
"DefaultServer10"="http://u29.eset.com/nod_eval/"
"DefaultServer11"="http://u28.eset.com/nod_eval/"
"DefaultServer12"="http://u29.eset.com/nod_eval/"
"DefaultServer13"="http://u27.eset.com/nod_eval/"
"DefaultServer14"="http://u28.eset.com/nod_eval/"
"DefaultServer15"="http://u29.eset.com/nod_eval/"
"DefaultServer16"="http://u29.eset.com/nod_eval/"
Did it modify my registry keys? Is it safe to keep?
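Added example, not part of the thread: one way to do the check suggested above (open the .reg file and see which keys it adds, removes or modifies) without applying it. It assumes the simple REGEDIT4 layout quoted in the post, with single-line values only; `parse_reg`, `review` and the `[-...\Example\Removed]` entry are hypothetical names and constructed data.

```python
import re
from ipaddress import ip_address
from urllib.parse import urlparse

# Constructed sample: a few lines from the thread's .reg text plus a hypothetical [-KEY] deletion.
SAMPLE_REG = r'''REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Info]
"View_CLSID"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\Update\Settings]
"DefaultServerCount"=dword:0000000a
"DefaultServer0"="http://u20.eset.com/nod_eval/"
"DefaultServer5"="http://89.202.157.135/nod_eval/"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Example\Removed]
'''

def parse_reg(text):
    """Return (action, key, name, value) for every change a .reg file would make."""
    changes, key = [], None
    for raw in text.splitlines():
        line = raw.strip().replace("“", '"').replace("”", '"')  # forum pastes use curly quotes
        if not line or line.startswith(";") or line.upper().startswith(("REGEDIT", "WINDOWS REGISTRY")):
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.startswith("-"):  # [-KEY] deletes the whole key
                key = key[1:]
                changes.append(("delete-key", key, None, None))
            continue
        m = re.match(r'(@|"[^"]*")\s*=\s*(.*)$', line)
        if m and key:
            name, value = m.group(1).strip('"'), m.group(2)
            action = "delete-value" if value == "-" else "set"
            changes.append((action, key, name, value.strip('"')))
    return changes

def review(changes):
    """Flag deletions and URL values whose host is a bare IP address."""
    notes = []
    for action, key, name, value in changes:
        target = key if name is None else f"{key}\\{name}"
        if action != "set":
            notes.append(f"{action}: {target}")
            continue
        try:
            ip_address(urlparse(value).hostname or "")
            notes.append(f"raw-IP URL: {target} -> {value}")
        except ValueError:
            pass  # hostname-based URL or a non-URL value such as dword:...
    return notes
```

Running `review(parse_reg(open(path).read()))` on a saved copy of the file lists only the entries that deserve a second look; everything else is a plain value write under the key shown.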

You never answered the question. Do you have a valid license for NOD32 or are you running a ■■■■■ or keygen? That file that Comodo found is a registry ■■■■■ for NOD32 license. Those Notepad readings are your NOD32 update servers. If you uninstall NOD32 then those files will be gone.

Vettetech, honestly, I have no idea whether the NOD32 anti-virus software installed on my PC is legit or not. A reformat was done on my CPU last November at the shop where I bought it 2 months earlier. I asked a technician to put in place an anti-virus program. He chose two, a NOD32 v2.7 and AVG v. 7.5. They worked well and without conflict at all. Since I’m no techie and just a noob, I started to browse online PC forums for tweaks and tips, like this one from Comodo. That’s when I learnt that having 2 AVs isn’t advisable at all. Besides, I noticed that the AVG is popping up a window telling me that I had a pirated version whenever I do the definition updates. The NOD32 on the other hand is doing its job, quietly and with no pop-ups or notices that my copy is illegal, so I assumed that it is a free authentic version. So then I decided to uninstall the AVG and instead have an AD-Aware 2007 anti-spyware and a Comodo firewall, both free downloads. Works great, no incompatibility issues between those three. I was just a bit perplexed by the virus scan result of Comodo which I posted above. Sirs, how should I know if my NOD32 is a genuine copy or not? The NOD32, the AD-Aware 2007 and the AVG before were in fact not showing the threat on their scans. Should I uninstall the NOD32? My PC’s workin’ perfectly and showing no signs of virus infestation… Thanks for your help (R)

I think you should ask Eset, NOD32’s vendor, about its validity.

http://www.eset.com/company/contact.php

Well, in order to get NOD32 you need to pay for it. I know the cracks for NOD32 2.7 and that’s one of them that you have. NOD32 is now changed to 3.0. If it shows no user name or password then it’s a cracked version. If the guy who worked on your PC never gave you a user name or password for NOD32 then he installed a cracked version of NOD32 2.7. You can ignore the warning Comodo gives you but I am telling you it’s a ■■■■■. It’s called NOD Fix 2.1. You can find it on a warez site. I cannot link you to a site because it’s against policy but I am telling you the truth. You have an illegal copy of NOD32 with a registry fix so you can use the trial servers. That’s why it says EVAL. Those are trial servers and not the servers you get when you buy NOD32. BTW I am a member of Wildersecurity and they do not like talk of warez.

If you open up NOD32 and click on the NOD32 tab under threat protection modules, that should bring up your scanner options. On the bottom right you should see a NOD32 label. Also if you do a complete scan for unwanted programs it will find it. Also look to see if the reg fix is in the scanner exclusions.

nah, just uninstall them and use freeware like Antivir or Avast. :■■■■
btw, is it OK to run 2 AVs? NOD32 & AVG ???

Why are you asking us now? Don’t you run 50+ different AVs at all times ???

don’t make me add more >:( to my sig

One other clue should be if you look at your expiration date it should say something outrageous like 200000 days. If you remove the fix then NOD32 will stop working and say invalid user name and password. Just uninstall it and use Avast. Far better than AVG.

Thanks guys, especially to Vettetech, for your replies. I really appreciated it. As per your advice, I have now uninstalled NOD32 and downloaded Avast Home Edition anti-virus software in its place. So far so good. Seems my onboard security programs are working in sync. To ganda: I didn’t notice any symptoms of incompatibility between AVG anti-virus and NOD32 when they were both installed on my OS at the same time. In spite of the fact now that it’s quite obvious that those two AV software loaded on my system were unfortunately cracked copies (:LGH)

If I were you I would question the guy who worked on your PC. Doesn’t seem like an honest person. Did he charge you for NOD32? You’re welcome. BTW you can change the skin on Avast. There are tons to download on their site. You can also shut off the sounds so you don’t hear the voices when it updates. (CLY)

It’s ok, but it’s not recommended. Instead, use one for real-time, and the other one as an on-demand scanner.
They might conflict with each other.

Cheers,
Ragwing

Hello!

During installation of Comodo Firewall Pro version 3.0.18.309 I scanned my system.
Comodo also showed me 2 files:
Trojan.Win32.Patched.m(ID = 0x72d15) C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
Trojan.Win32.Patched.m(ID = 0x72d15) C:\WINDOWS\system32\winlogon.exe

But I cannot believe that these 2 files are trojans.
In my opinion, deleting these files may cause the system to work incorrectly.

I uploaded these 2 files to an online scanner. The result was “no Threat”.

There are a number of false positives reported with this initial version of the CFP3 virus scanner. Should be upgraded as we go along. These should just be verified with a second anti-virus tool, which you would probably do anyway. I get two false positives also. :wink:

you may want to take a look at this: http://www.techsupportforum.com/security-center/hijackthis-log-help/152865-nhfenhf-dll-removal.html or you may not.

Mike

Thank you for your prompt reply.

Is there a chance to get the Firewall 3.0 in German?