Friendly request: why is NOD32 on my PC?

Discussion in 'ESET NOD32 Antivirus' started by hughdrbf, Nov 26, 2008.

Thread Status:
Not open for further replies.
  1. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Hi Forum folks. Please advise what is happening and how to correct:

    Frequently on my Vista system I will see a yellow balloon appear at the task bar telling me I need to update NOD32. It looks like an official MS Vista notifier.

    Also frequently when I close IE7 it crashes with the message "Error caused by NOD32 Antivirus Situation: No solution available".

    I have not installed NOD32 on my system and find no record of it in either my registry or Program Files folder.

    All comments welcome. Please help me understand what's happening and how to correct it.

    Thanks.
     
  2. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Don't you have McAfee installled by chance? Recently Microsoft has incorrectly identified ESET as the cause of an issue instead of McAfee.
     
  4. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Thanks Marcos. I have never had McAfee installed on my system.
     
  5. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    hello
    what Eset Antivirus you have install pls tell us build
     
  6. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland

    He said he's never installed NOD.
     
  7. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Thanks djohn. I installed and ran Malwarebytes and it came up wth zero issues.
     
  8. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    That's correct. I've not ever installed NOD32.

    The yellow balloon message that comes up from the clock task bar area looks like the Win Vista updates balloon. So I'm wondering what piece of NOD32 might somehow have gotten on my system to initiate this periodic notice to update.

    The impact is that IE7 crashes very frequently when closing. The offending element in the subsequent dialog is that NOD32 caused the crash and that there's no solution found.

    Is there a way I can follow a guide of instructions for manually removing all elements of NOD32? I'm glad to pick through folders and the registry to find and remove whatever it may be.

    Thanks everyone.

    Hugh
     
  9. Big Apple

    Big Apple Frequent Poster

    Joined:
    Aug 22, 2006
    Posts:
    724
    You could try Regseeker and search for Nod32 and remove all hits.
    Or installing and removing a trial of Nod32 could do the trick.
     
  10. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    What does your security center say for protection? does it list nod32 in the center.?If you never installed nod there should not be registry entries temp file and the like.also in control panel open folder options click View and scroll to find show hiden files and folder.then check you program files program data and under user look in appdata local, roaming and so fourth to see of anything shows Eset which is nod
     
    Last edited: Nov 27, 2008
  11. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Thanks Dave. I have Avast as my A/V and the default Windows Defender running in Security Center. I've got hidden files and folder showing, and checked all trees for eset -- even did a full system scan -- and it doesn't show up as a find.

    Hugh
     
  12. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Very weird indeed if you system is clean from any rogue or spyware/malware then I am at lose.As you No windows does some crazy stuff for no appearant reason at times.But seems rather suspicious especially the browser crashing.perhaps some one else here can further assisist on rather strange problem.sorry i could not be much more help.
     
  13. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Perhaps you should download and run SysInspector from Eset and post when you have the results.
     
  14. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Dave, very muich appreciate everything you offered.
     
  15. bryanjoe

    bryanjoe Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    380
    i have that problem b4, but it is upon uninstalling NOD32 the previous day.....
    but yours is weird...

    Maybe u can try installing NOD32 and uninstall it...
     
  16. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Hmmm...tempting, but that'll be two Eset things I'll have on my system. I'd kind'a like to go the other way and get rid of the first one.

    I found 10 eset items in my Cookies folder. One of them is eset.js. I'm going to delete these and see how things go, keeping SysInspector in mind for later.

    Thanks everyone, much appreciated. I'll report back with findings.

    Hugh
     
  17. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19

    Attached Files:

  18. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Sounds like you may have a trojan. GOOGLE. Note one of the Aliases according to Avira.
     
  19. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    It looks like a notificatoin from Vista. Could you post a screenshot of the screen that appears after clicking on the balloon?
     
  20. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Concur.

    I found the same reference to the alias Eset Trojan here:

    http://www.exterminate-it.com/malpedia/remove-js-trojandownloader-small

    After deleting the file I ran a boottime full disck scan with Avast. The system came back clean, so now I'll keep a look at the folder as I browse to see if the file returns.
     
  21. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Will do next time it happens.
     
  22. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    As promised, here is a link to it:

    http://www.followthelegend-ledzeppelin.com/MCPSITF/Capture4.JPG

    And here is the detail from that crash:

    Product
    Internet Explorer

    Problem
    Stopped working

    Date
    11/27/2008 8:59 PM

    Status
    More information available

    Problem signature
    Problem Event Name: APPCRASH
    Application Name: iexplore.exe
    Application Version: 7.0.6001.18000
    Application Timestamp: 47918f11
    Fault Module Name: ntdll.dll
    Fault Module Version: 6.0.6001.18000
    Fault Module Timestamp: 4791a7a6
    Exception Code: c0000005
    Exception Offset: 00043387
    OS Version: 6.0.6001.2.1.0.256.1
    Locale ID: 1033
    Additional Information 1: fd00
    Additional Information 2: ea6f5fe8924aaa756324d57f87834160
    Additional Information 3: fd00
    Additional Information 4: ea6f5fe8924aaa756324d57f87834160

    Extra information about the problem
    Bucket ID: 630998817

    Thanks to all for trying to help me get this resolved.

    Hugh
     
    Last edited: Nov 28, 2008
  23. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Just some other suggestions, If you have not done so.Run some other scanners with full system scan such as Drweb cureit,SuperAntispyware,Mcafee stinger maybe even a trial run of nod32 or Avira it is very possiable avast is missing they all do.also suggest shut down windows system restore before the scans. I noticed from a early screenie you have protection mode/UAC off.Unless your running a standard account, I would turn it back on it helps with some malware etc that require admin level to run and if you touch the web in a admin account is real risky IMO.
     
    Last edited: Nov 28, 2008
  24. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Concur on all points, Dave. I've already run AdAware and SpyBot in addition to the earleir suggested MalwareByte, adn CClean -- all came up clean. UAC is off b/c it's a nag I can't deal with throughout my day on the system.
     
  25. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
Thread Status:
Not open for further replies.