omg omg omg help me out pls...

Discussion in 'NOD32 version 2 Forum' started by faenil, Oct 24, 2007.

Thread Status:
Not open for further replies.
  1. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    Hey guys I was looking for a crack for a software...but there was a virus in it...
    It disabled my Nod32 Security Suite and deleted the ekrn.exe file...

    Now it doesn't start..I tried to unistall it...

    I CAN'T REINSTALL AND I CAN'T INSTALL ANTIVIR!!!

    always gives error while extracting the kernel protecion module, even with antivir....
    Pls admins...help me out...I've got important data there...
    help me out guys... :(

    Thx ;)
     
  2. prozabor

    prozabor Registered Member

    Joined:
    Oct 24, 2007
    Posts:
    38
    Maybe try to use online scanner like as Kaspersy online. It should help You.
     
  3. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    submit the file to virustotal.com to what threat it is. With that info you can start a search for clean/removal instructions.
    That are the risks inherent to cracking apps....try to avoid it
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,898
    Location:
    SW. Oklahoma
    And it might help to stay away from the crack sites as there is some really nasty malware out there.
     
  5. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    the virus is seen as bagle.km by Nod32...but it didn't catch it when it got installed...:S

    I'm trying to run a removal utility from eset but it's too slow...coz winlogon.exe uses up 99% cpu..

    any manual removal?
     
  6. DennisTh

    DennisTh Registered Member

    Joined:
    Oct 18, 2007
    Posts:
    9
    Try it in safe mode.
     
  7. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hi,

    I suppose that Bagle created hidden files and was written into windows registry. You have to find and delete these issues. When I solved this problem, I used ComboFix.:thumb:
     
  8. DennisTh

    DennisTh Registered Member

    Joined:
    Oct 18, 2007
    Posts:
    9
    It helps to use an assortment of tools. Some are specific to a problem, IE Combofix, CWshredder, vundofix, etc. and some aren't, IE Adaware, Spybot S&D, SuperAntiSpyware, etc.

    Using the appropriate tools in safe mode usually will clean a system. Of course you should have a backup of all your important data as these tools can fix your system and sometimes the fix is fatal.
     
  9. ASpace

    ASpace Guest


    Well , there are some variant of Bagle with rootkit behaviour which can disabled NOD32 if it is uninstalled before the malware appears . But I know for NOD32 v2 . This doesn't apply for v3 products ,AFAIK.

    I would download fresh installation file from www.eset.eu/download/beta , run it and perform repair .

    Then , if still problem with installation , I would use Gmer to check if there is rootkit stuff on the machine and the install Eset Smart Security.
     
  10. DennisTh

    DennisTh Registered Member

    Joined:
    Oct 18, 2007
    Posts:
    9
    Microsoft's Rootkit Revealer may be a tool you will want to use.
     
  11. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Can you please tell me what a crack site is? Thanks :)
     
  12. DennisTh

    DennisTh Registered Member

    Joined:
    Oct 18, 2007
    Posts:
    9
    It's where you go to download software that is supposed to allow you to generate activation codes but often turns out to be a trojan/spyware.

    :blink:
     
  13. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    I solved the problem guys...I made a script for The Avenger and destroyed the virus! :D

    ps Dennis: Beagle doesn't let u go into safe mode ;)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.