Help, a friend installed nod32 crack and I'm not sure it is completely removed

Discussion in 'malware problems & news' started by Monkey_Feces, Aug 24, 2006.

Thread Status:
Not open for further replies.
  1. Monkey_Feces

    Monkey_Feces Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    52
    A friend who is more computer saavy than I, but not as security conscious as me recommended I try nod32. When I was reluctant to ditch avira's antivir personal for it, my friend finally became exasperated and installed the trial version and crack. At the time, I thought nod32 was a freeware software solution, but when doing my occassional add/remove software tab check, I found an interesting Nod32FiX 1.7. I threw the file at virustotal and it returned with one virus named w32/nsane!p2p. I immediately removed every shread of nod32 I could find on my system. My main question is, what is the possibility that this cracked nod32 contained a rootkit or something that not even virus total picked up? Would I have to reformat my system? I had been using the cracked nod32 for about a week before I uninstalled it from my system. What are the chances my personal information could have been stolen by an unknown keylogger? If I scanned my system with a squared free, trend micro online, symnatec online, avira anti vir, ewido free, adaware, spybot, and hijack this and nothing turned up, what are the chances that I still have any malicious software on my system? Note: I really wouldn't want to reformat because it will be extremely inconvenient. Please do not recommend I reformat unless it is positively necessary.
     
  2. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    with all the scans you said you did, I'd assume the machine is clean... of course, you could always buy a copy of NOD32 and scan the machine thoroughly... ;)
     
  3. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Surprised to see people using cracked NOD32 and attempting to get support in this official NOD32 forum!!! No offense, but you are using cracked software at your own risk!!! I don't think you will get support here for using cracked NOD32 in the official NOD32 forum...
     
  4. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Hi Monkey_Feces,

    Please make sure that your C:\Program Files\ESET folder is deleted after you have un-installed the NOD32 and associated things your friend installed for you.
    Download the proper trial version which is for 30 days only, you can find it here then install and configure it as Blackspear has described here.
    Make sure you run the full system scan and clean when you get to post #79, and if unsure then also repeat this scan in safe mode after it has completed.

    If you're concerned about the possibility of a rootkit and would like a second opinion you may like to try RootkitRevealer which is freeware. It is documented and available for download from here.

    Also, it would be good if you can provide the details of your friend to legal @ eset.com and include a link to this thread. Also describe as best as you can what this friend did to your PC.

    Cheers :)
     
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    afaik, nod32fix is just a crack and nothing more. some AV may detect it as a tool or riskware but thats all it is.

    just remove the crack and all should be well. use the legitimate trial version of nod32. and if u decide u like it, then buy it.
     
  6. Monkey_Feces

    Monkey_Feces Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    52
    I think I will just stick with Avira's antivir. I don't really want to turn in my friend because I'm sure he was only trying to help me. I already talked to him about illegal software downloads and how they could contain nasty undetectable stuff, but I have yet to figure out if he has heeded me.
     
  7. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    No worries - we'll be here if you decide to try NOD32 properly.

    Cheers :)
     
  8. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    It is unfortunate your friend did you this disservice by installing what may have been a damaging program on your computer.

    While it is very likely your system has not be compromised, there is no practical way to be sure of this. Right now, all you can be assured of is that none of the programs you have run or services you have used to check your computer for malicious software found anything.

    If you have any data on your computer which is valuable or otherwise precious to you (e.g. unique), I would strongly suggest making at least one backup copy of it and then testing one of the backup sets by restoring it, preferably on a different computer. The key thing here is that you should only backup data files, not program files which can be executed by the operating system or applications on it. You can then erase the hard disk drive, reinstall your operating system and applications from the manufacturer's original discs and, finally, re-load your data from its backup set.

    I know this is a lengthy and time-consuming process, but this is also the best thing to do in terms of ensuring the privacy of your computing environment and integrity of your data.

    Regards,

    Aryeh Goretsky
     
Loading...
Thread Status:
Not open for further replies.