Friendly request: why is NOD32 on my PC?

The message comes from Vista and it advises you there may be issues with some of the software installed on your PC. For example I've seen this on some PCs with older versions of Adobe Reader installed but that have no noticeable problem. It's essentially MS saying "We see you have program X installed, however there may be some issues. If you have an issue, click here and we'll list the issues we know about and the fixes we have for those issues." If you click on it you should get a list of Vista / NOD32 related issues and fixes.

Have you ever installed (and even then uninstalled) anything from Eset or McAfee on the PC? Even the Online Scanners?

Check through the Internet Explorer Add-Ons (Tools, Internet Options, Programs, Manage AddOns) and see if any are listed as from a publisher such as ESET. Try disabling them, restart IE and see if the problem stops.

Finally submit a SysInspector log to ESET as per the request above.

 

probably obvious questions but is the PC 2nd user or are you the original user/owner?do any others users of the PC have admin rights??could they have installed Nod without you knowing?

 

Is it possible that somebody has either used or attempted to use the ESET Online Scanner?
http://www.eset.com/onlinescan/

Cheers

 

Thanks Paul. Here are links to the two screen shots re: "Vista / NOD32 related issues and fixes" that show up - clearly a Vista generated message as if NOD32 were installed:

http://www.followthelegend-ledzeppelin.com/MCPSITF/problem reports.JPG

http://www.followthelegend-ledzeppelin.com/MCPSITF/NOD32 item detail.JPG

Never installed anything from Eset or McAffee, nor runany online scanners. I am the sole owner adn user of the PC. It's never been used by anyone but me. I built the Vista image myself by first reformatting the disk.

There's nothing in IE add-ons from Eset in any of the four areas of Manage Add ons.

 

Not likely as the system has been in my possession and use 100%.

 

Yeah. Exactly what i expected to see. Almost certainly some sort of false alarm or mis-information by MS. Marcos seems to think the problem could be a mis-identification by MS, but as i don't know how this system works in depth i can't comment. I'd just ignore it for now and hope it gets fixed. Nothing to worry about I'll bet.

 

Here's the log from SysInspector:

http://www.followthelegend-ledzeppelin.com/MCPSITF/SysInspector-PC-081129-1802.zip

Thanks again for taking time and everyone's help.

Hugh

 

Vista with UAC turned off is about as vulnerable to various Web-based exploits and vulnerabilities as XP is. Protected mode in IE7, for instance, doesn't function with UAC turned off. Frankly, I think you should reconsider. It may be too late to do anything with that installation now. If it were mine, I'd consider it compromised and perform a clean installation. And the next time around, I'd leave UAC active and use a standard account.

Yes, I know this would mean that you'd have to type in a password when an activity that you (or a link you've clicked on) tries to do something that requires privilege escalation. That's the point of it. Vista with UAC turned on, and used from within a standard user account, is pretty safe from "drive-by" installations and the like. It sounds as though something has been installed on your system without your being aware of it. If UAC were active, and you were paying attention, that wouldn't have happened. For instance, if you click on a link to another Web page and get a prompt from UAC, you know something is up. You DON'T type in the password. You deny the process that's trying to run. That's the idea of it, anyway.

You compalin about UAC being a nag. Are you modifying system settings and / or working on locations in the file system that require privilege escalation that much? Or is some of your software not working properly with Vista, and thereby causing you to be inundated with UAC prompts. Once a system is fully configured with all software installed the only times you should be seeing these prompts is when you are changing basic system settings or installing something new.

I've used Vista extensively and have found it to be pretty solid. I run Linux on my own systems. Many of those systems (like Ubuntu) have the user get a prompt when s/he's doing something that's potentially risky, very much the way UAC prompts in Vista. In fact, on Ubuntu systems, I edit sudoers to force it to prompt every time. (The standard setting in ubuntu is to prompt at first, and then not prompt for any further actions by the user for a given number of minutes.)

 

Thanks Snarkers, much appreciated. All points well taken.

 

I appreciate everyone's help and suggestions. I'd like to swing back around to what the vendor is doing and how to stop it.

This forum is the official NOD32 A/V forum - how is it possible that vendor tech support hasn't weighed in to say something like, "...yep, we do that (i.e., Vista bubble notice that you see periodically)...and if a), b), or c) conditions exist it'll crash IE7 on exit - so go find this in your system registry and delete it"?

In brief, I've done nothing to introduce NOD32 onto my system, yet on closure IE7 crashes, and Vista is being triggered periodically with ESET NOD32-specific message text (see earlier post and screen shots of the bubble message and underlying detail screens).

The people who build and maintain the NOD32 code created the elements that are driving these issues. I'd really like them to help by sharing guidance about how to undo them.

Make sense?

 

I guess it's still not clear. The error code you get from IE7 was mistakenly attributed to NOD32 issues by Microsoft. So, when you get this specific error (which is triggered by something definitely not produced by NOD32/ESET as you've already noticed) you'll get a stupid misleading explanation provided by Vista from their issue DB.

For this issue symptom to get fixed, you first of all need to rant @ MS and tell them their advice is a piece of crap... For the real issue to get fixed (IE7 crashing) you need to start looking somewhere else, not at technical support of a product you've never had installed.

 

Thanks doktornotor, concur with what you suggest as a likely possibility. How, though, can we say that with all the exact text referencing to ESET NOD32 that it's MS Vista that is mistaking one for another?

 

I'll leave the thread to the Experts on NOD32 here, though RIES on IE7 does do the trick, no issues here running NOD32 v3.0.672.0 on IE7.

 

Thanks LowWaterMark. I tend to agree with you both that this is a likely scenario. Given there's credibility to this, and we already know about the similar issue relative to McAfee, where to look?

 

Do you have anti virus on your Blackberry? What is it?

 

It wouldn't hurt and could even be good PR if someone from Eset were to take a look at the OP's SysInspector log.

 

I've got a copy of the nod32 removal tool,not sure if it works with latest versions but you're welcome to a copy,PM me if you want to give it a whirl

 

I have an office full of vista PCs with NAV 10 installed. One of these systems experiences frequent IE7 crashes and in the last month has started blaming them on nod32. I am trialing nod32 on about 5 systems but this is not one of them. All NAV components are still installed and there is no nod32 component installed. We have never used McAfee. I have completely scanned the system and it is clean. I concur with the theory that it is a MS problem.

 

Where did u get it?

 

Probably HERE

 

Can the link below be of some help:
http://theclevergeek.com/security/antivirus/nod32-uninstall-batch-script.html

 

Well, certainly not for the people who have never had NOD32 or any other ESET product installed. Contacting MS to fix their erroneous error messages would a whole lot more useful to prevent such confusion in future.

 

I get the exact same message from Windows Solutions:

Download updates for NOD32 Antivirus System

This problem was caused by NOD32 Antivirus System, which was created by Eset.

Problem signature
Problem Event Name: APPCRASH
Application Name: iexplore.exe
Application Version: 7.0.6001.18000
Application Timestamp: 47918f11
Fault Module Name: ntdll.dll
Fault Module Version: 6.0.6001.18000
Fault Module Timestamp: 4791a7a6
Exception Code: c0000005
Exception Offset: 00043387
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 1033
Additional Information 1: fd00
Additional Information 2: ea6f5fe8924aaa756324d57f87834160
Additional Information 3: fd00
Additional Information 4: ea6f5fe8924aaa756324d57f87834160

Extra information about the problem
Bucket ID: 630998817

This is a new computer and I started with these messages from the first day I used the computer. I run Mcafee Internet Security Suite, with Vista Home Premium sp1.

 

Hello,

Are you still experiencing this issue?

Regards,

Aryeh Goretsky