Wilders Security Forums  

  #1  
Old October 28th, 2005, 10:39 AM
Defenestration
PE 2.1 and KAV 2006

I am currently using the KAV 2006 pre-beta, which has a Web Scanner in it. PE does not show either of the avp.exe (i.e. KAV) processes while browsing the web, and also doesn't show the avp.exe processes when updating the definitions.

Something is surely wrong?
  #2  
Old November 2nd, 2005, 12:04 AM
Gavin - DiamondCS
Re: PE 2.1 and KAV 2006

Hi,

This KAV beta seems to present some issues; you should ask them to test it. The same results will be there in the free version, or we can send them a key.

The "web anti virus" seems to be a firewall and script checker together. This means that most of what it does won't produce sockets anyway, as far as I can see so far.

The update sockets ARE shown; however, they will show as SYSTEM (but with the correct PID). We will resolve this as soon as possible. The PE DLL is definitely getting them correctly, since if you look at the logs or the log window it shows the avp.exe ID, which matches the PID shown in the main window.
  #3  
Old November 5th, 2005, 07:04 PM
Defenestration
Re: PE 2.1 and KAV 2006

Quote:
Originally Posted by Gavin - DiamondCS
This KAV beta seems to present some issues; you should ask them to test it. The same results will be there in the free version, or we can send them a key.
Thanks for taking the time to respond Gavin.

What issues are you referring to?
  #4  
Old November 6th, 2005, 10:55 PM
Gavin - DiamondCS
Re: PE 2.1 and KAV 2006

There is some socket (must be a KAV proxy socket) which keeps re-opening, or appears to do so. It could be OK though; I believe it's related to something else:

PE couldn't get the name of the avp.exe, but we've since found that this was only when self-protection is enabled (it hides its own driver and prevents getting a handle to the EXE file). Without access to it, PE can't get the full filename or icon. This is not a huge problem though.
  #5  
Old November 7th, 2005, 12:15 AM
Gavin - DiamondCS
Re: PE 2.1 and KAV 2006

Looks to be causing a crash in PG as well: with Driver Verifier enabled, PG's driver now tries to access an invalid handle and BSODs. Uninstall KAV and it doesn't happen, so it is definitely the cause.

They need to be very careful with "self-protection"...
  #6  
Old November 7th, 2005, 12:37 AM
Defenestration
Re: PE 2.1 and KAV 2006

Is this a problem with PG or KAV?

Should I report this to Kaspersky staff (pointing them to this thread) and give them your e-mail address, since you will be able to answer their questions in more detail than myself?

BTW, I am not getting any BSOD in PG 3.2 when starting as AUTOMATIC instead of SYSTEM. I also never got a BSOD in PG 3.15 when starting as AUTOMATIC, so something appears to have changed between 3.15 and the 3.2 beta.
  #7  
Old November 24th, 2005, 11:43 PM
Gavin - DiamondCS
Re: PE 2.1 and KAV 2006

PG 3.200 should have the same stability under the same setting, AUTOMATIC. This is what 3.150 was released as. With SYSTEM startup, 3.150 will fail under some setups. So in that case, it's not that something has changed there.

The problem with PG and KAV is not a problem per se. KAV hides an object in kernel mode to secure itself; PG also has some self-protection mechanisms. There is only a problem when verifying the drivers, because Driver Verifier is very picky about invalid handles to kernel objects. No surprise there. In a normal system without the verifier running, the attempt to access this handle simply fails, with no errors of course. It just means KAV are putting self-protection in the right place, I guess...
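The behaviour Gavin describes in posts #2 and #4 (the socket is attributed to the right PID, but the owning process's image path and icon cannot be read because a self-protecting AV refuses a handle to its EXE) is easy to reproduce from user mode. The script below is an added example, not Port Explorer or DiamondCS code, and not Kaspersky's. It assumes a modern Windows host (Windows 8 / Server 2012 or later) for Get-NetTCPConnection, and an elevated shell if you want to see other users' processes. The function name Get-SocketOwner and the Note column are my own; nothing here is from the original thread.

```powershell
# Added example (not Port Explorer / DiamondCS code): map TCP sockets to their owning
# process and record, per socket, whether the owner's image path could be read.
# Assumes Get-NetTCPConnection is available (Windows 8 / Server 2012 and later).

function Get-SocketOwner {
    [CmdletBinding()]
    param(
        # Socket states to report; Listen + Established is roughly what a port monitor shows.
        [string[]]$State = @('Listen', 'Established')
    )

    Get-NetTCPConnection | Where-Object { $_.State -in $State } | ForEach-Object {
        $conn     = $_
        $ownerPid = $conn.OwningProcess   # $PID itself is a read-only automatic variable
        $name     = '<unknown>'
        $path     = $null
        $note     = ''

        # Get-Process works from a process snapshot, so it succeeds even for processes
        # we cannot open; it only fails if the PID has already gone away.
        $proc = Get-Process -Id $ownerPid -ErrorAction SilentlyContinue
        if ($null -eq $proc) {
            $note = 'process exited before lookup'
        } else {
            $name = $proc.ProcessName
            try {
                # Reading MainModule needs a query handle on the process. PID 4 (System)
                # and a self-protecting AV process (the avp.exe case in this thread)
                # refuse that handle, so the path and icon are unavailable even though
                # the PID attribution of the socket is still correct.
                $path = $proc.MainModule.FileName
            } catch [System.ComponentModel.Win32Exception] {
                $note = "image path unavailable: $($_.Exception.Message)"
            } catch {
                $note = "image path unavailable: $($_.Exception.GetType().Name)"
            }
        }

        [pscustomobject]@{
            LocalAddress  = $conn.LocalAddress
            LocalPort     = $conn.LocalPort
            RemoteAddress = $conn.RemoteAddress
            RemotePort    = $conn.RemotePort
            State         = $conn.State
            PID           = $ownerPid
            Process       = $name
            ImagePath     = $path
            Note          = $note
        }
    }
}

# Usage: first list the sockets whose owner could not be fully resolved (the
# "shows as SYSTEM but with the correct PID" case), then the full table.
$sockets = Get-SocketOwner
$sockets | Where-Object { $_.Note -ne '' } |
    Format-Table PID, Process, LocalPort, RemoteAddress, RemotePort, Note -AutoSize
$sockets |
    Format-Table PID, Process, LocalAddress, LocalPort, RemoteAddress, RemotePort, State, ImagePath -AutoSize
```

The point of the Note column is the one made in the thread: a refused process handle is not a socket-enumeration failure. The PID from the TCP table is authoritative; only the cosmetic data (path, icon) that needs PROCESS_QUERY access is lost, so a monitor should keep the PID and flag the gap rather than silently relabelling the owner.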
Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums