Friendly request: why is NOD32 on my PC?

Discussion in 'ESET NOD32 Antivirus' started by hughdrbf, Nov 26, 2008.

Thread Status:
Not open for further replies.
  1. PaulB2005

    PaulB2005 Registered Member

    Joined:
    Apr 19, 2005
    Posts:
    525
    The message comes from Vista and it advises you there may be issues with some of the software installed on your PC. For example I've seen this on some PCs with older versions of Adobe Reader installed but that have no noticeable problem. It's essentially MS saying "We see you have program X installed, however there may be some issues. If you have an issue, click here and we'll list the issues we know about and the fixes we have for those issues." If you click on it you should get a list of Vista / NOD32 related issues and fixes.

    Have you ever installed (and even then uninstalled) anything from Eset or McAfee on the PC? Even the Online Scanners?

    Check through the Internet Explorer Add-Ons (Tools, Internet Options, Programs, Manage AddOns) and see if any are listed as from a publisher such as ESET. Try disabling them, restart IE and see if the problem stops.

    Finally submit a SysInspector log to ESET as per the request above.
     
  2. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    probably obvious questions but is the PC 2nd user or are you the original user/owner?do any others users of the PC have admin rights??could they have installed Nod without you knowing?
     
  3. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
  4. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Thanks Paul. Here are links to the two screen shots re: "Vista / NOD32 related issues and fixes" that show up - clearly a Vista generated message as if NOD32 were installed:

    http://www.followthelegend-ledzeppelin.com/MCPSITF/problem reports.JPG

    http://www.followthelegend-ledzeppelin.com/MCPSITF/NOD32 item detail.JPG

    Never installed anything from Eset or McAffee, nor runany online scanners. I am the sole owner adn user of the PC. It's never been used by anyone but me. I built the Vista image myself by first reformatting the disk.

    There's nothing in IE add-ons from Eset in any of the four areas of Manage Add ons.
     
  5. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Not likely as the system has been in my possession and use 100%.
     
  6. PaulB2005

    PaulB2005 Registered Member

    Joined:
    Apr 19, 2005
    Posts:
    525
    Yeah. Exactly what i expected to see. Almost certainly some sort of false alarm or mis-information by MS. Marcos seems to think the problem could be a mis-identification by MS, but as i don't know how this system works in depth i can't comment. I'd just ignore it for now and hope it gets fixed. Nothing to worry about I'll bet.
     
  7. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
  8. Snarkers

    Snarkers Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    7
    Vista with UAC turned off is about as vulnerable to various Web-based exploits and vulnerabilities as XP is. Protected mode in IE7, for instance, doesn't function with UAC turned off. Frankly, I think you should reconsider. It may be too late to do anything with that installation now. If it were mine, I'd consider it compromised and perform a clean installation. And the next time around, I'd leave UAC active and use a standard account.

    Yes, I know this would mean that you'd have to type in a password when an activity that you (or a link you've clicked on) tries to do something that requires privilege escalation. That's the point of it. Vista with UAC turned on, and used from within a standard user account, is pretty safe from "drive-by" installations and the like. It sounds as though something has been installed on your system without your being aware of it. If UAC were active, and you were paying attention, that wouldn't have happened. For instance, if you click on a link to another Web page and get a prompt from UAC, you know something is up. You DON'T type in the password. You deny the process that's trying to run. That's the idea of it, anyway.

    You compalin about UAC being a nag. Are you modifying system settings and / or working on locations in the file system that require privilege escalation that much? Or is some of your software not working properly with Vista, and thereby causing you to be inundated with UAC prompts. Once a system is fully configured with all software installed the only times you should be seeing these prompts is when you are changing basic system settings or installing something new.

    I've used Vista extensively and have found it to be pretty solid. I run Linux on my own systems. Many of those systems (like Ubuntu) have the user get a prompt when s/he's doing something that's potentially risky, very much the way UAC prompts in Vista. In fact, on Ubuntu systems, I edit sudoers to force it to prompt every time. (The standard setting in ubuntu is to prompt at first, and then not prompt for any further actions by the user for a given number of minutes.)
     
    Last edited: Nov 30, 2008
  9. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Thanks Snarkers, much appreciated. All points well taken.
     
  10. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    I appreciate everyone's help and suggestions. I'd like to swing back around to what the vendor is doing and how to stop it.

    This forum is the official NOD32 A/V forum - how is it possible that vendor tech support hasn't weighed in to say something like, "...yep, we do that (i.e., Vista bubble notice that you see periodically)...and if a), b), or c) conditions exist it'll crash IE7 on exit - so go find this in your system registry and delete it"?

    In brief, I've done nothing to introduce NOD32 onto my system, yet on closure IE7 crashes, and Vista is being triggered periodically with ESET NOD32-specific message text (see earlier post and screen shots of the bubble message and underlying detail screens).

    The people who build and maintain the NOD32 code created the elements that are driving these issues. I'd really like them to help by sharing guidance about how to undo them.

    Make sense?
     
  11. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    I guess it's still not clear. The error code you get from IE7 was mistakenly attributed to NOD32 issues by Microsoft. So, when you get this specific error (which is triggered by something definitely not produced by NOD32/ESET as you've already noticed) you'll get a stupid misleading explanation provided by Vista from their issue DB.

    For this issue symptom to get fixed, you first of all need to rant @ MS and tell them their advice is a piece of crap... For the real issue to get fixed (IE7 crashing) you need to start looking somewhere else, not at technical support of a product you've never had installed.
     
  12. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Thanks doktornotor, concur with what you suggest as a likely possibility. How, though, can we say that with all the exact text referencing to ESET NOD32 that it's MS Vista that is mistaking one for another?
     
  13. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    I'll leave the thread to the Experts on NOD32 here, though RIES on IE7 does do the trick, no issues here running NOD32 v3.0.672.0 on IE7.

    :thumb:
     
  14. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,246
    Location:
    New England
    The Vista UAC discussion posts have been split to their own thread.


    hughdrbf - I agree with doktornotor. You've checked your system and you don't have NOD32 installed. You've never even installed it and there is no automatic installation of NOD32 anywhere.

    It's more likely that either it's a mistaken identification by Vista (since there is no NOD32 there), or perhaps it's some rogue software or malware that is sending fake alerts through Vista or IE.

    __________________
    Cross link to likely related thread, where another person who doesn't have NOD32 got similar messages, involving Vista and IE7.
     
  15. hughdrbf

    hughdrbf Registered Member

    Joined:
    Nov 26, 2008
    Posts:
    19
    Thanks LowWaterMark. I tend to agree with you both that this is a likely scenario. Given there's credibility to this, and we already know about the similar issue relative to McAfee, where to look?
     
  16. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Do you have anti virus on your Blackberry? What is it?
     
  17. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,737
    Location:
    Toronto Canada
    It wouldn't hurt and could even be good PR if someone from Eset were to take a look at the OP's SysInspector log.
     
  18. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    I've got a copy of the nod32 removal tool,not sure if it works with latest versions but you're welcome to a copy,PM me if you want to give it a whirl
     
  19. mcmary

    mcmary Registered Member

    Joined:
    Nov 24, 2008
    Posts:
    3
    I have an office full of vista PCs with NAV 10 installed. One of these systems experiences frequent IE7 crashes and in the last month has started blaming them on nod32. I am trialing nod32 on about 5 systems but this is not one of them. All NAV components are still installed and there is no nod32 component installed. We have never used McAfee. I have completely scanned the system and it is clean. I concur with the theory that it is a MS problem.
     
  20. CivilTaz

    CivilTaz Registered Member

    Joined:
    Nov 19, 2008
    Posts:
    146
    Where did u get it?
     
  21. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.

    Probably HERE
     
  22. BJStone

    BJStone Registered Member

    Joined:
    Oct 31, 2005
    Posts:
    139
  23. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
  24. Ellwood970

    Ellwood970 Registered Member

    Joined:
    Dec 14, 2008
    Posts:
    1
    I get the exact same message from Windows Solutions:

    Download updates for NOD32 Antivirus System

    This problem was caused by NOD32 Antivirus System, which was created by Eset.

    Problem signature
    Problem Event Name: APPCRASH
    Application Name: iexplore.exe
    Application Version: 7.0.6001.18000
    Application Timestamp: 47918f11
    Fault Module Name: ntdll.dll
    Fault Module Version: 6.0.6001.18000
    Fault Module Timestamp: 4791a7a6
    Exception Code: c0000005
    Exception Offset: 00043387
    OS Version: 6.0.6001.2.1.0.768.3
    Locale ID: 1033
    Additional Information 1: fd00
    Additional Information 2: ea6f5fe8924aaa756324d57f87834160
    Additional Information 3: fd00
    Additional Information 4: ea6f5fe8924aaa756324d57f87834160

    Extra information about the problem
    Bucket ID: 630998817

    This is a new computer and I started with these messages from the first day I used the computer. I run Mcafee Internet Security Suite, with Vista Home Premium sp1.
     
  25. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,034
    Location:
    California
    Hello,

    Are you still experiencing this issue?

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.