Combofix conflic with uninstalled AV

January 28, 2012 at 05:48:18
Specs: Windows 7, 3.0 Ghz
It's been months and months ago I had a trial of eset nod32 av. I uninstalled it long long ago. Was using MSE AV. I have been getting redirects science about October maybe longer. I was very badly infected back about October also. But maleware bytes cleaned it but I was still getting the redirects just been dealing with it. I was tired of it so lastnight I decided to try combofix AGAIN. Well it did something. I deleted some things (I have logs if requested I will post) It seems it reset IE because I was asked the things IE ask when it's new or whatever. But anyway I think the redirects may be gone now. My concerne is when I run combofix I got a message about eset/nod32 running. I was just concerned because I removed it months ago.
Any suggestions? Maybe it is still in the registery or a service? I looked but did not see but something seems hidden. Maybe if I get it gone maleware bytesd may find more infections?
BTW My PC spects at top are for my desktop. The problem is with my Laptop Inspiron 1545 3 GB Ram Windows 7 Ultimate x64 2.00 Ghz

Just because the OP does not come back in 3 or 4 days to reply, does not mean he will not come back and reply.


See More: Combofix conflic with uninstalled AV

Report •


#1
January 29, 2012 at 06:15:16
use revo uninstaller in hunter mode to find eset and remove it

Some HELP in posting on Computing.net plus free progs and instructions 7 Medals


Report •

#2
January 29, 2012 at 09:47:48
Ive used the 30 day trial already.

Just because the OP does not come back in 3 or 4 days to reply, does not mean he will not come back and reply.


Report •

#3
January 31, 2012 at 14:17:44
Sure, but presumably you would still like to remove it.


Report •

Related Solutions

#4
January 31, 2012 at 15:09:52

Report •

#5
February 9, 2012 at 17:09:37
The nod32/eset uninstall tool does not help. And I have used the trial of reveo uninstaller.

Just because the OP does not come back in 3 or 4 days to reply, does not mean he will not come back and reply.


Report •

#6
February 9, 2012 at 17:40:46
This any help?:
http://techie-buzz.com/how-to/unins...

With both AV's and Firewalls these issues usually come about because the products were not disabled before trying to remove them. Unfortunately the need to do this does not seem to be widely known.

If it comes to the crunch you might have to re-install the trial, disable it from starting then do the uninstall again. Bits of programs staying behind, such as files and registry entries, has been going on since at least W95. Infuriating but a sad fact of computer life.


Always pop back and let us know the outcome - thanks


Report •

#7
February 12, 2012 at 09:44:45
Ok things I have tried.

eset uninstall tool
revo uninstaller (got it to work)
eset uninstaller in safe mode
I have searched the eset website.

combofix still says it's running and needs to be closed. ESET is removed with revo and revo forced the normal uninstaller from windows to run. I was prompted to reboot. I knew I needed to scan for left over traces so I chose to reboot later. Scanned for the traces then rebooted and BTW no traces were left over. I personally think revo is a waste of money because it's going to force the windows uninstaller to run. So now I am stuck and I really need more help ASAP before this thread gets too old to reply. I may not be back for a few days but I will be back and check for replies.

Thanks

<edit>

Derek I reinstalled the trial also several times when using the reveo and the uninstall tool.

Just because the OP does not come back in 3 or 4 days to reply, does not mean he will not come back and reply.


Report •

#8
February 12, 2012 at 10:27:25
Anything in msconfig? If so it should give the Run registry location too.

There is a freebie call "Process Explorer" which gives a fair amount of info. There is another much more ambitious freebie called "Autoruns for Windows". Although these don't permanently remove anything they might give you more information on the issue. They are both able to stop things running tho (just by unticking), which might aid uninstall too.

Posts remain active for months these days - the problem is that folk tend not to go back to old ones, so as time goes by you are less likely to get new helpers with fresh ideas.

Always pop back and let us know the outcome - thanks


Report •

#9
February 12, 2012 at 11:32:58
Can you try run EsetUninstaller in SafeMode?
Or try use command line
EsetUninstaller.exe /nosafemode

Please let me known about result.

Treatment of viruses in the On-line mode.
Write to HERE


Report •

#10
February 12, 2012 at 14:03:57
"ChristopherTGarrett
And I have used the trial of reveo uninstaller."

You should be using Revo & it is FREE.

Revo Uninstaller
http://www.softpedia.com/get/Tweak/...
http://www.softpedia.com/progScreen...
http://www.revouninstaller.com/


Report •

#11
February 12, 2012 at 16:08:21
johnw.....see response #1

Some HELP in posting on Computing.net plus free progs and instructions 7 Medals


Report •

#12
February 12, 2012 at 16:37:20
XpUser4Real read my post again.

Report •

#13
February 12, 2012 at 16:46:13
All I know is the revo uninstaller I had was the 30 day trial. I used it used the 30 days up. I found a way to patch it and use it longer just to try removing eset with it. Did not work and it diod not find any traces left over. Nothing in msconfig.

"maksimog February 12, 2012 at 11:32:58

Can you try run EsetUninstaller in SafeMode?
Or try use command line
EsetUninstaller.exe /nosafemode
Please let me known about result."


Read ALL my replies I used it in safemode. The eset uninstaller does not work. And the reveo or revo wjhatever it is I used it and it does not really work all it's doing is bringing up the normal uninstall menue of the program. And as I said the revo when I tried the first time it was suggested I opened the program snd it said my trial was up and was asking for a license. Are we talking about the same program?

Just because the OP does not come back in 3 or 4 days to reply, does not mean he will not come back and reply.


Report •

#14
February 12, 2012 at 16:53:47
johnw
I did....You should be using Revo & it is FREE.

Some HELP in posting on Computing.net plus free progs and instructions 7 Medals


Report •

#15
February 12, 2012 at 16:53:54
For later, when you've done Revo (again??):

As Nod isn't a virus it should not be hidden in any big way. If the remnants are what is bothering you then they can only be due to one or more of the following:

Files
Registry entries
A service

Last first - I don't know whether Nod invokes a service, although it is unlikley. However it should not be too hard to find one if it is there. After all, you seem to have dabbled with computers for years.

Files must be somewhere and an appropriate search should find them, ie Eset and then Nod. These are best removed before tackling the registry.

Registry entries, well if you want to be safe then use CCleaners Registry feature. I don't usually advocate registry cleaners but CCleaners is as safe as any. Just let it remove only those entries which are clearly due to Eset Nod - untick all the rest.

Always pop back and let us know the outcome - thanks


Report •

#16
February 12, 2012 at 17:11:21
"I did....You should be using Revo & it is FREE"
XpUser4Real, wrong again, read the line above.

Report •

#17
February 12, 2012 at 17:36:41
ChristopherTGarrett

The free version normally works and that is what we generally advocate around here, rather than the trial. What you want is at the first link in post #10 (freeware).

After that, if still necessary, see my #15.

Remnants of programs being left behind has been true from at least W95. Like you, I like getting shot of junk but unless Nod is jumping up in your face then the issue is really only of academic interest. I doubt that Nod is "really" running. You could simply stop using Combofix, which is intended for viruses, tojans and the like.

EDIT:
Most of the above is now negated as the system started giving redirects again later.
Clearly some sort of virus activity.

Always pop back and let us know the outcome - thanks


Report •

#18
February 12, 2012 at 18:08:20
OK the pro version was the trial. If the pro version trial did not find it then I dought the free version will. Is it worth it to reinstall the eset trial again just to uninstall with revo free? I dought it. I am about to just give up I cannot come up with a soloution. I am getting redirects and nothing seems to find them either. I just don't know what to do at this point.

Just because the OP does not come back in 3 or 4 days to reply, does not mean he will not come back and reply.


Report •

#19
February 12, 2012 at 18:49:12
You certainly are infected, uninstall Combofix & download a new version.

How to uninstall combofix
http://www.myantispyware.com/2008/0...

ComboFix
http://download.bleepingcomputer.co...
http://www.techsupportforum.com/sec...
http://www.forospyware.com/sUBs/Com...

You need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:
* Close all open Windows including this one.
* Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these type of programs can be found in this topic.
http://www.bleepingcomputer.com/for...


Report •

#20
February 12, 2012 at 19:58:51
Can't Install an Antivirus - Windows Security Center still detects previous AV
http://www.experts-exchange.com/Vir...

Report •

#21
February 13, 2012 at 13:50:35
OK Thanks for all the help. I came home today and more adware/infections. The laptop did stay on I forgot to put it on standby. But anyway I am just going to format the drive and reinstall. I already got all important info backed up. First I am going to install the Windows 8 develeper version just for fun because I am formatting anyway.

Just because the OP does not come back in 3 or 4 days to reply, does not mean he will not come back and reply.


Report •

#22
February 13, 2012 at 14:00:53
"First I am going to install the Windows 8 develeper version just for fun because I am formatting anyway"

Most important you delete all partitions & then you format.


Report •

#23
February 13, 2012 at 14:36:37
Sounds like a good plan to reformat - the redirects happening again obviously point to a virus. Are you aware that you can get your own stuff off using a Linux CD? I use Puppy Linux for this but any Live CD should be able to do it. You just drag your files onto a flash drive.

You would need to burn the image (ISO) onto the CD using another computer, not just put the download onto it. Most burning software has a facility to do this and there are also several freebies around which can also do it. On the bad computer you just have to set the CD ahead of the HD in BIOS so that it will boot to Linux when you power on with the CD in the drive. Windows will not be affected but in this instance that is not particularly important as you are reformatting anyway.

Always pop back and let us know the outcome - thanks


Report •

#24
February 13, 2012 at 17:48:54
I am aware of Linux because a friend of mine laptop had a virus a few weeks ago that hid everything. I used linux to get all the important things off. I am good at most thing on the computer but the problems Ive had the past few months have been more than I can handel. It needs a reformat anyway.

Just because the OP does not come back in 3 or 4 days to reply, does not mean he will not come back and reply.


Report •

#25
February 13, 2012 at 18:30:40
I thought you might already know about that Linux trick. Good luck whatever, hope all goes well.

Always pop back and let us know the outcome - thanks


Report •


Ask Question