Wilders Security Forums  

Go Back   Wilders Security Forums > Official ESET Support Forum > ESET Home Users Products Forum > ESET NOD32 Antivirus
Reload this Page Update 3449 and Lenovo Access Connections
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old September 17th, 2008, 09:32 PM
MorgothsBalrog MorgothsBalrog is offline
Infrequent Poster
  
Join Date: Sep 2008
Posts: 2
Default Update 3449 and Lenovo Access Connections
I believe update 3449 (20080917) has caused a conflict with Lenovo Access Connections 5.02 on Windows Vista Ultimate 64-bit. Upon boot, ekrn chews up at least 50% of the CPU and refuses to let Access Connections load. Disabling NOD32 resolves the problem, but obviously this is a poor solution. Any advice?
  #2  
Old September 18th, 2008, 06:45 AM
GAN GAN is offline
Frequent Poster
  
Join Date: Mar 2007
Posts: 355
Default Re: Update 3449 and Lenovo Access Connections
I had a similar issue with Nod32 2.7 and Access Connections because of a logfile that is created/changed by Windows when Access connections is started or a profile is applied. I had to make a change in Windows registry to disable the logging or exclude realtime scanning of that file to solve the problem. Using nod32 2.7 it's easier to find out since i could see what file that is being scanned. Using nod32 3.0 i don't think you can actually see what file is being scanned. I'm pretty sure the .log file is located under the Windows directory though.
The logfile is not created by AC. It's created by Windows and AC is probably using the Windows API to make some system calls which is the reason why Windows create this logfile.

Not sure if this is the same problem, but you could try to exclude the scanning of all *.log files under the Windows directoyr to see if there is any change. If that solve the problem i'm sure you have the same problem.
  #3  
Old September 18th, 2008, 12:51 PM
MorgothsBalrog MorgothsBalrog is offline
Infrequent Poster
  
Join Date: Sep 2008
Posts: 2
Default Re: Update 3449 and Lenovo Access Connections
I grabbed a copy of Sysinternals' Process Monitor and checked out what was causing the fight. Turns out it was a logfile in C:\Users\Public\Documents called AccConAdvanced.html

It looks like a fairly bog standard logfile, but for some reason NOD32 just decided there was something dodgy about it. I added it to my exclusions list for realtime scanning and all is well. It would still be nice to have a more definitive solution but such is life...

Here's a snippet of its contents:
Code:
LOG ENTRIES	=============Access Connections=======================
Environment :
OS : Microsoft Windows Vista Professional Service Pack 1 (Build 6001) 
AC : 5.02
Initialize Date And Time :[9/18/2008]12:37:52:908 
Active Profile Name : RIT Wired
Active Adapter : PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
=============================================================
	=============Device Information======================= 
Description : ThinkPad Modem Adapter
Type : Modem Device
DriverVersion : 7.73. 0. 0
PNPID : HDAUDIO\FUNC_02&VEN_14F1&DEV_5051&SUBSYS_17AA20FC

Description : Intel(R) 82567LM Gigabit Network Connection
Type : Wired LAN Adapter
DriverVersion : 9.52. 9. 0
PNPID : PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA

Description : Intel(R) WiFi Link 5300 AGN
Type : Wireless LAN Adapter
DriverVersion : 12. 0. 0.82
PNPID : PCI\VEN_8086&DEV_4236&SUBSYS_10118086

Description : Microsoft Windows Mobile Remote Adapter
Type : Wired LAN Adapter
DriverVersion : 6. 1.53. 0
PNPID : USB\VID_0BB4&PID_0B04\

=============================================================
	Ok AcSvc( SYSTEM(Prvlg).2520.3656) [9/18]12:37:40:310 AcAdapter::DecreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
	Ok ACGadgetWrapper( alex(Prvlg).3568.4444) [9/18]12:37:41:142 AcSvcGetProfileStatus: Entry
	Ok AcSvc( SYSTEM(Prvlg).2520.3656) [9/18]12:37:54:357 AcAdapter::DecreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =0
	Ok AcSvc( SYSTEM(Prvlg).2520.3656) [9/18]12:37:54:358 AcSvcIntf.GetRadioStatus: RadioState=2, Exit with code 0
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:358 GetProfileStatus: ENtry for profile RIT Wired
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:54:360 AcSvcGetRadioStatus: Exit
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:54:361 Get Radio Status returned - radio Off
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:54:361 Exiting CWLIcon::UpdateTrayIcon()
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:374 GetProfileStatus: Found valid adpt settings
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:374 GetProfileStatus: Getting adapter object for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:392 AcAdapter::IncreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:393 AcAdapter::IncreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA. The usage count has become =1
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:393 GetProfileStatus: After Getting adapter object for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:394 GetProfileStatus: Getting Ip addressn for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:396 CAcIPMgr::IsValidIp: Valid IP Address => 129.21.144.104 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:397 CAcIPMgr::GetAdaptersInfo: Adapter information for GUID Intel(R) 82567LM Gigabit Network Connection found. Current IP state is AC_IP_ADDR_VALID
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:397 AcTcpIpServices::IsValidIP(CAcLanSettings LanSettings)) Entry 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:399 AcTcpIpServices::IsValidIP IpAddress is Valid 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:400 AcTcpIpServices::IsValidIP Exit 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:400 GetProfileStatus: Got Ip addressn for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:401 GetProfileStatus: Calling AcTcpIpServices::IsValidIP for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:401 AcProfileStatus::AcSvcIsValidIP(CAcLanSettings LanSettings)) Entry 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:402 AcProfileStatus::AcSvcIsValidIP IpAddress is Valid 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:402 AcProfileStatus::AcSvcIsValidIP Exit 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:403 GetProfileStatus: After calling AcTcpIpServices::IsValidIP for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:403 ### Valid IP address is found 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:404 AcAdapterCurrentProfile::ReadAcitveProfileName Entry 
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:404 AcAdapterCurrentProfile::ReadAcitveProfileName Active profile is [RIT Wired]
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:404 AcAdapterCurrentProfile::ReadAcitveProfileName Exit
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:405 AcAdapter::DecreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:405 AcAdapter::DecreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA. The usage count has become =0
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:406 GetProfileStatus: Exit for profile RIT Wired. STatus is 1
	Ok ACGadgetWrapper( alex(Prvlg).3568.4444) [9/18]12:37:54:406 AcSvcGetProfileStatus: Exit
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:365 Inside CWLIcon::UpdateTrayIcon()
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:365 Calling AcSvcGetRadioStatus()
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:366 AcSvcGetRadioStatus: Entry
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:367 AcSvcIntf.GetRadioStatus: Entry
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:367 AcAdapter::IncreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:368 AcAdapter::IncreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =1
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:368 AcVistaWlAutoconfig::GetRadioStateInDriver Entry
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:369 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:1
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:370 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:2
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:370 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:3
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:371 AcVistaWlAutoconfig::GetRadioStateInDriver Exit
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:371 AcAdapter::DecreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:373 AcAdapter::DecreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =0
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:373 AcSvcIntf.GetRadioStatus: RadioState=2, Exit with code 0
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:374 AcSvcGetRadioStatus: Exit
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:375 Get Radio Status returned - radio Off
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:408 Exiting CWLIcon::UpdateTrayIcon()
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:406 Inside CWLIcon::UpdateTrayIcon()
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:406 Calling AcSvcGetRadioStatus()
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:407 AcSvcGetRadioStatus: Entry
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:408 AcSvcIntf.GetRadioStatus: Entry
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:408 AcAdapter::IncreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:409 AcAdapter::IncreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =1
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:409 AcVistaWlAutoconfig::GetRadioStateInDriver Entry
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:410 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:1
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:410 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:2
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:411 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:3
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:411 AcVistaWlAutoconfig::GetRadioStateInDriver Exit
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:412 AcAdapter::DecreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:413 AcAdapter::DecreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =0
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:413 AcSvcIntf.GetRadioStatus: RadioState=2, Exit with code 0
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:414 AcSvcGetRadioStatus: Exit
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:414 Get Radio Status returned - radio Off
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:414 Exiting CWLIcon::UpdateTrayIcon()
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:03:415 Inside CWLIcon::UpdateTrayIcon()
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:03:415 Calling AcSvcGetRadioStatus()
	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:03:416 AcSvcGetRadioStatus: Entry
	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:03:417 AcSvcIntf.GetRadioStatus: Entry
Last edited by MorgothsBalrog : September 18th, 2008 at 12:58 PM.
 

Wilders Security Forums > Official ESET Support Forum > ESET Home Users Products Forum > ESET NOD32 Antivirus « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 12:03 PM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums