Is NOD32 blocking me from posting on Forums?

Discussion in 'ESET NOD32 Antivirus' started by matt8911, Apr 6, 2012.

Thread Status:
Not open for further replies.
  1. matt8911

    matt8911 Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    19
    Location:
    Southern CA
    Hi everyone, as the title suggest I am having trouble posting on my regular forums. This started after I installed ESET NOD32 Antivirus trial and then bought the program. Later I started having trouble posting on the forums. The problem is where I try to enter text, it will turn grey and I cannot enter any text. I asked the moderator and he said to clear my IE8 history which helped. I cleared all history including cookies, which I do not want to do all time. On the last ocurrance I had to keep disabling NOD32 and clearing cache.

    I read the Sticky on reporting issues and here is the report.

    Win XP Home SP3 32 bit

    ESET NOD32 AV 5.0.95.0

    Problem occurs when I have NOD32 installed and fully operational (Default settings) I open IE8 (fully updated) and go to a forum to post, but cannot. As advised I disabled Self Defense in NOD32, I then came here to post my issue and it worked. I was also advised to uninstall the NOD32 and reinstall. I did some research on uninstalling and did as advised(used the NOD32 uninstaller)
    Thanks Guys Matt8911
     

    Attached Files:

    Last edited: Apr 6, 2012
  2. dwomack

    dwomack Eset Staff Account

    Joined:
    Mar 2, 2011
    Posts:
    588
    You mentioned disabling ESET and posting here worked but have you tried posting to your own forums with ESET disabled? If so, did this resolve the issue?

    Based on how you worded the post, I'm assuming clearing the browser cookies/cache/history helped resolve the issue temporarily. Is this the case and have you tried upgrading to IE9 or trying another browser?
     
  3. matt8911

    matt8911 Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    19
    Location:
    Southern CA
    First reply: Was unsure how to disable NOD32 for games and stress testing, so I ended up disabling stuff in advanced setup. This left me vulnerable to viruses, (found that out later). A moderator or admin on another forum advised me to uninstall and reinstall with default settings, then just leave settings alone. He also advised me to delete temporary files in IE8, which helped. I kept having problems and needed to keep deleting temp files in IE 8. Thats when I came back over here to do as advised and post the recommended information and disable self defense. I also tried to disable the other setting but could not find it. ( ) Now that I have disabled self defense everything works fine but am I protected? What happened to my setting did it re-enable maybe? I have cleaning set to no cleaning due to my not wanting to lose sensitive OS files or DL programs identified as riskware. Most times i right click on the taskbar icon and select disable for games (about an hour). ESET tells me when its time to quit as I feel the game slow down(gamer mode keeps turning off-have to enable all time).
    Reply 2: No I have not tried another browser and IE( is in Windows 7 AFAIK.
    Hope this clears up the air of my problem.
    Matt8911
     
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Run RIES, post back your findings - read disclaimers *before* running this tool.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    It's weird that disabling Self-defense resolves the issue so I assume there's 3rd party software that somehow intervenes in http communication and these attempts are blocked by ESET. Enable logging of blocked operations in the advanced HIPS setup, reproduce the problem and paste the relevant records from the HIPS log here.
     
  6. matt8911

    matt8911 Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    19
    Location:
    Southern CA
    Enable logging in advanced setup -done
    Reproduce the problem -almost done
    note I recall the problem occured after I visited this website http:www.cobragaming.net and attempted to post a message.

    I started seeing the problem in other websites until I was advised to clear the IE8 cache by an admin on gigabyte forum. I did this and then was able to post then later, it happened again. I cleared the IE8 cache and was again able to post. Returned to your site to post about the problem and then disabled the self defense as advised. This seemed to cure the problem, however after returning to the cobra site(this eve) I saw it again, briefly. I logged on to the site and then found out I could not post due to my being banned. I simply got a message stating I was banned, and did not see the grey box. I went to the gigabyte site and then logged in and browsed around and then I saw it in the quick post area. I then went to another area (of same site) and then it was gone. I have a picture of the banned message.
    No events in the HIPS log sorry I think it may be a infected cookie? or a cookie with a banned message in it? I am not familiar with cookies as much but I have seen seen infected pictures in my past from a gaming server I think. Please advise further action Regards
     

    Attached Files:

    Last edited: Apr 20, 2012
  7. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    You mentioned that you recently installed ESET NOD32 Antivirus on your computer, so I am wondering if the issue could be related to a remnant of a previously-installed antivirus program still being resident on the system and interfering with ESET NOD32 Antivirus.

    What antivirus software was previously installed on the computer before ESET NOD32 Antivirus, and how was it removed?

    Regards,

    Aryeh Goretsky
     
  8. matt8911

    matt8911 Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    19
    Location:
    Southern CA
    Here is the timeline of this install as I recall:
    Installed recently purchased Hard drive from ebay due to other drive problems. This drive is a WD6400AAKS-65A7B2 which was received with an open package. The seller stated the drive was new in package(sealed package was assumed). I formatted and installed windows XP then a trial version of ESET NOD32. Later, after purchase and having problems I uninstalled the NOD32 and reinstalled(NOD 32 fresh DL). The purpose of the reinstall was to ensure default settings for proper operation. So, there were no other AV packages other than NOD32.

    I was told about NOD32 by Leo Laporte on the radio.

    I do see some stuff in the log file now.

    Code:
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\OverrideConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\FilteredConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\BasicConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\ForcedConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\AllocConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\BootConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\OverrideConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\FilteredConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\BasicConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\ForcedConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\AllocConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:34 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\BootConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\OverrideConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\FilteredConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\BasicConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\ForcedConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\AllocConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\BootConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\OverrideConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\FilteredConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:20 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\BasicConfig	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:19 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\ForcedConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:19 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\AllocConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:08:19 PM	C:\WINDOWS\system32\services.exe	Delete from registry	HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWTDIR\0000\LogConf\BootConfigVector	blocked	SelfDefense: Registry with full protection	
    4/20/2012 6:07:31 PM	C:\WINDOWS\explorer.exe	Get access to file	C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe	some access blocked	SelfDefense: Protect ESET files	Write to file
    4/20/2012 6:07:20 PM	C:\WINDOWS\system32\svchost.exe	Modify state of another application	C:\WINDOWS\system32\winlogon.exe	blocked	SelfDefense: Do not allow modification of system processes	
    4/20/2012 6:53:05 AM	C:\WINDOWS\system32\svchost.exe	Modify state of another application	C:\WINDOWS\system32\winlogon.exe	blocked	SelfDefense: Do not allow modification of system processes	
    4/20/2012 6:49:20 AM	C:\WINDOWS\explorer.exe	Get access to file	C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe	some access blocked	SelfDefense: Protect ESET files	Write to file
    4/20/2012 6:49:20 AM	C:\WINDOWS\system32\svchost.exe	Modify state of another application	C:\WINDOWS\system32\winlogon.exe	blocked	SelfDefense: Do not allow modification of system processes
    Here are some events logs:
    Code:
    4/20/2012 6:07:59 PM	ESET Kernel	Virus signature database successfully updated to version 7073 (20120420).	
    4/19/2012 6:59:54 PM	ESET Kernel	Virus signature database successfully updated to version 7070 (20120419).	
    4/18/2012 10:09:20 PM	ESET Kernel	Virus signature database successfully updated to version 7067 (20120418).	
    4/18/2012 5:46:11 AM	ESET Kernel	Virus signature database successfully updated to version 7065 (20120418).	
    4/17/2012 7:55:51 PM	ESET Kernel	Virus signature database successfully updated to version 7063 (20120417).	
    4/16/2012 6:29:35 PM	ESET Kernel	Virus signature database successfully updated to version 7059 (20120416).	
    4/15/2012 10:46:04 AM	ESET Kernel	Virus signature database successfully updated to version 7056 (20120415).	
    4/15/2012 10:13:45 AM	HIPS	The user rules file contains invalid data.	
    4/15/2012 9:41:44 AM	HIPS	The user rules file contains invalid data.	
    4/15/2012 6:45:07 AM	HIPS	The user rules file contains invalid data.	
    4/14/2012 3:58:43 PM	ESET Kernel	Virus signature database successfully updated to version 7054 (20120414).	
    4/14/2012 7:47:19 AM	ESET Kernel	Virus signature database successfully updated to version 7053 (20120414).	
    4/14/2012 12:18:06 AM	ESET Kernel	Virus signature database successfully updated to version 7052 (20120413).	
    4/12/2012 8:47:01 PM	ESET Kernel	Virus signature database successfully updated to version 7049 (20120412).	
    4/11/2012 6:29:47 PM	ESET Kernel	Virus signature database successfully updated to version 7046 (20120411).	
    4/10/2012 6:41:54 PM	ESET Kernel	Virus signature database successfully updated to version 7043 (20120410).	
    4/9/2012 8:42:43 PM	ESET Kernel	Virus signature database successfully updated to version 7040 (20120409).	
    4/8/2012 9:12:00 AM	ESET Kernel	Virus signature database successfully updated to version 7037 (20120408).	
    4/7/2012 10:24:08 AM	ESET Kernel	Virus signature database successfully updated to version 7036 (20120407).	
    4/6/2012 8:46:58 PM	ESET Kernel	Virus signature database successfully updated to version 7034 (20120406).	
    4/6/2012 6:06:17 AM	ESET Kernel	Virus signature database successfully updated to version 7033 (20120406).	
    4/5/2012 6:41:02 PM	ESET Kernel	Virus signature database successfully updated to version 7031 (20120405).	
    4/4/2012 7:19:20 PM	ESET Kernel	Virus signature database successfully updated to version 7029 (20120404).	
    4/4/2012 6:41:05 AM	ESET Kernel	Virus signature database successfully updated to version 7027 (20120404).	
    4/3/2012 11:39:27 PM	ESET Kernel	Virus signature database successfully updated to version 7025 (20120404).	
    4/3/2012 10:24:01 PM	ESET Kernel	Virus signature database successfully updated to version 7024 (20120403).	
    4/3/2012 5:51:47 AM	ESET Kernel	Virus signature database successfully updated to version 7022 (20120403).	
    4/2/2012 7:31:06 PM	ESET Kernel	Virus signature database successfully updated to version 7021 (20120402).	
    4/2/2012 6:09:30 AM	ESET Kernel	Virus signature database successfully updated to version 7020 (20120402).	
    4/2/2012 5:05:32 AM	ESET Kernel	Virus signature database successfully updated to version 7019 (20120402).	
    4/1/2012 9:33:31 AM	ESET Kernel	Virus signature database successfully updated to version 7018 (20120401).	
    4/1/2012 7:32:41 AM	ESET Kernel	Virus signature database successfully updated to version 7017 (20120401).	
    3/31/2012 4:50:42 PM	ESET Kernel	Virus signature database successfully updated to version 7016 (20120331).	
    Scans only detected riskware which I know is safe 2 items. I do not know how to show which items they are only log file which tells nothing IMAO.

    Code:
    4/5/2012 7:06:13 PM	F:\Boot sector;F:\	180231	0	0	Completed
    3/31/2012 5:30:01 PM	Operating memory;C:\Boot sector;E:\Boot sector;F:\Boot sector;C:\;E:\;F:\	362412	2	0	Completed
    Well I figured out how to show the questionable files(riskware) its by running a scan
    Code:
    Scan Log
    Version of virus signature database: 7073 (20120420)
    Date: 4/20/2012  Time: 7:18:07 PM
    Scanned disks, folders and files: Operating memory;C:\Boot sector;C:\
    C:\pagefile.sys - error opening [4]
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » USERPR~1.MHT » MIME - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » 1.MBS » MBOX - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » 2.MBS » MBOX - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » 3.MBS » MBOX - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » 4.MBS » MBOX - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » TESTDISK.7Z » 7ZIP »  - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » FABSAU~1.MHT » MIME - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » GUJIN.MHT » MIME - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » OFFLINE.MHT » MIME - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » IPSCAN~1.7Z » 7ZIP »  - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » NDIS_I~1.MHT » MIME - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » NETCAT.7Z » 7ZIP »  - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » PASSPRO.7Z » 7ZIP »  - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » KEYFIN~1.7Z » 7ZIP » keyfinder/faq.txt - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » KEYFIN~1.7Z » 7ZIP » keyfinder/history.txt - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » KEYFIN~1.7Z » 7ZIP » keyfinder/license.txt - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » KEYFIN~1.7Z » 7ZIP » keyfinder/readme.txt - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » KEYFIN~1.7Z » 7ZIP » keyfinder/keyfinder.cfg - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » KEYFIN~1.7Z » 7ZIP » keyfinder/keyfinder.exe - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » SYSINFO.7Z » 7ZIP »  - Incorrect file checksum (CRC); the file is probably password protected.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » LWS200.EXE » NSIS » puninstc.exe » NSIS » uninstall.exe » NSIS - archive damaged
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » LWS200.EXE » NSIS » puninstt.exe » NSIS » uninstall.exe » NSIS - archive damaged
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » ZASETU~1.EXE » WISE » Windows6.0-KB929547-v2-x64.msu » CAB » WSUSSCAN.cab - archive damaged - the file could not be extracted.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » ZASETU~1.EXE » WISE » Windows6.0-KB929547-v2-x64.msu » CAB » Windows6.0-KB929547-v2-x64.cab - archive damaged - the file could not be extracted.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » ZASETU~1.EXE » WISE » Windows6.0-KB929547-v2-x64.msu » CAB » Windows6.0-KB929547-v2-x64-pkgProperties.txt - archive damaged - the file could not be extracted.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\hpsetup\ud3lr2011.iso » ISO » ZASETU~1.EXE » WISE » Windows6.0-KB929547-v2-x64.msu » CAB » Windows6.0-KB929547-v2-x64.xml - archive damaged - the file could not be extracted.
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3Install1b\Peripherals\PSB210_231.exe » 7ZIP » Optional/CouponPrinter.exe » INDIGOROSE - unsupported option
    C:\Documents and Settings\Matt\Desktop\UD3BACK090611\UD3SW2a\VIDEO APPS\FLVPlayerSetup.exe » INDIGOROSE - unsupported option
    C:\Documents and Settings\Matt\Local Settings\Application Data\Identities\{EC202A8F-BE7C-43B4-BDD9-305EC761EE6A}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
    C:\Documents and Settings\Matt\Local Settings\Temporary Internet Files\Content.IE5\JZ4DMO0T\0c9a9620-1452-4786-808c-ca09d5ed99cc[1].swf » CWS » file.swf - archive damaged - the file could not be extracted.
    C:\Program Files\EA GAMES\Battlefield 2 Demo\pylib-2.3.4.zip » ZIP » test/testtar.tar » TAR »  - archive damaged
    C:\Program Files\FinalBurner\StarBurn_SuperVideoCD.iso » ISO » AVSEQ01.MPG - archive damaged
    C:\Program Files\FinalBurner\StarBurn_VideoCD.iso » ISO » AVSEQ01.DAT - archive damaged
    Number of scanned objects: 191928
    Number of threats found: 0
    Time of completion: 7:32:57 PM  Total scanning time: 890 sec (00:14:50)
    
    Notes:
    [4] Object cannot be opened. It may be in use by another application or operating system.
     
    Last edited: Apr 20, 2012
  9. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    There might be another program installed on their which is conflicting with ESET NOD32 Antivirus, then. I would suggest contacting the closest ESET Office and asking to speak to the technical support department. They can then work with you to identify the incompatible software, attempt to find a workaround and escalate to engineering, as needed.

    Regards,

    Aryeh Goretsky
     
  10. matt8911

    matt8911 Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    19
    Location:
    Southern CA
    OK contacted ESET support as you requested and am in the process of diagnosing the problem. First they asked me to dl a scanner and return a log file which I did do. Then they asked me to do a online scan which I completed. One problem I had with the scan was it identified programs as bad and tryed to remove or quarentine them. I identified these programs as genuine and OK so I restored them. The programs are Cinebench and Diskcopy from Easeus. As far as the problem ocurring now it is not, so what to do now. Is there anyway I can try to reproduce this error. I recall after I visited a certain website I started having the problems. Do I revisit the website??
    Matt
     

    Attached Files:

  11. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Please let me know if any of the following resolves the issue:
    1, installation of EAV 5.2.9 announced here
    2, disabling web access protection
    3, disabling HTTP checking in the advanced setup
    4, disabling automatic real-time protection start (+ computer restart)
    5, disabling HIPS (+ computer restart)
     
  12. matt8911

    matt8911 Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    19
    Location:
    Southern CA
    With the version that I have disabling self defense is what stopped the problem temprarily. I still see the grey text areas from time to time, but if I refresh the page they go away.

    HIPS does give me worries as well, does it change or prevent changes to the registry? If it does I worry about the possibility of a BSOD.

    I have contacted ESET support and received a few emails and send a few files to them. I think the resolution of the problem is not finished, as I still see the problem intermittently.

    If I uninstall this version then I will not find the problem. If I install another version the probllem may be fixed I dont know.

    Safest route would be to just uninstall and reinstall NOD32 I guess.
    Matt
     
  13. jst3751

    jst3751 Registered Member

    Joined:
    Dec 11, 2009
    Posts:
    21
    Location:
    USA
    Stop, flag on play.

    Since you are using a hard disk you recently received that was not in factory sealed packaging, that immediantly flags the hard disk itself as suspect. That disk should have been throughly tested and wiped before you used it. It is quite possible that the hard disk came to you with some sort of malware already installed. Format itself is not enough to "clean" a drive.
     
  14. matt8911

    matt8911 Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    19
    Location:
    Southern CA
    As far as formatting a drive and cleaning data I have heard that there is still a hidden partition that is not damaged by formatting. However I did use DBAN on a CD I believe but only to do a regular format. I will consider this point when I do any work on my system this weekend.
    Thanks
    Matt8911
     
Thread Status:
Not open for further replies.