The Nod32 was running great until I noticed that email scanning (IMON ?) was off.

After turning it on and rebooting, it takes approx 6-10 min to boot up. I can see the desktop background and the mouse pointer. There is some disk activity too.

Sometimes I have to manually reset the PC because it will not load the explorer and other software.

Any ideas ?

Thank you.

BIOSTAR IDEQ200N SFF case
Biostar M7NBA nVIDIA nForce2 IGP + MCP-T
AMD Athlon XP 2600 Barton
1 GB DDRAM3200 GEIL
ATI Radeon 9600XT 128 MB
Seagate 160 GB
Cendyne DWD+-RW
Windows XP PRO

I can see the desktop background and the mouse pointer, but once I'm able to hit ctrl-alt-del the CPU isn't maxed out, actually there is NO activity ??

The system is idle...

It takes just over 10 minutes to load the explorer and everything runs smooth after that.

It's been over 48 hours now and still no response from ESET tech support...

I wish I had used my credit card so I could dispute the charges.

Try "Repair Now" found in Control Centre> IMON> Setup

There is also a newer version of IMON in the following thread:

http://www.wilderssecurity.com/showthread.php?t=35206

If that doesn't work can you download and run Hijack This, found in the following thread:

http://www.wilderssecurity.com/showthread.php?t=15913

and post the results here, if the problem is related to something within the HJT log then this post will be moved to the appropriate forum...

Hope this helps...

Cheers ;D

That file didn't help :(

Also the Repair Now button didn't help.

Still no response from ESET.

Here is my log

(I wanted to remove the bolded items, but I'll wait)



Logfile of HijackThis v1.97.7
Scan saved at 1:39:58 PM, on 6/16/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Norton GoBack\GBTray.exe
C:\Documents and Settings\user\Desktop\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\Program Files\Copernic Agent\Web\SearchBar.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4A3A071E-F913-4eee-AE15-AEFFA16FB6BC} - C:\WINDOWS\PopUpWasher21.dll
O2 - BHO: Zero Popup - {EB23F789-F17F-4bcc-988B-6B70A3A67E9C} - C:\PROGRA~1\Zero Popup\Zero-Popup.dll
O3 - Toolbar: Net Snippets - {67970B26-F57D-4455-8262-81C3AE3B8B5E} - C:\PROGRA~1\NETSNI~1\NetSnip.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton GoBack\GBTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add To Net Snippets - C:\PROGRA~1\NETSNI~1\Res\Clipper.htm
O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Spy (HKLM)
O9 - Extra 'Tools' menuitem: MSIE &Spy (HKLM)
O9 - Extra 'Tools' menuitem: Launch Copernic Agent (HKLM)
O9 - Extra button: Copernic Agent (HKLM)
O9 - Extra button: Snippets (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O10 - Broken Internet access because of LSP provider 'imon.dll' missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_42.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38048.3607060185
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab


Thank you for your help :)

Did you actually send the request to support@nod32.com or to a local distributor? I suggest you send a log created by the npe utility (http:\\eset.zftp.com/npe.exe) to the aforementioned email address along with a description of the problem and the information about installed NOD32 from your Control Center.

Ok guys this is weird :)

I moved the slider (compatibility setup) from Maximum efficiency to Maximum Compatibility and rebooted. It worked just fine. After that I moved the slider back to Maximum Efficiency and rebooted.

It works! :)

Don't know why but it works great :D my boot time is normal, no slowdown whatsoever.

Thank you guys for your help.


PS Marcos All I did was fill out that form in Support section on their site, thanks for the email address.

Glad to see that everything is working now.

With regards to your HJT log, leave 010, and ask further about 016 in the forum I linked to: http://www.wilderssecurity.com/forumdisplay.php?f=26 I think it should go. Everything else looks ok...

Cheers ;D