Anti vir updates crashing computer.

It's not anything you're doing. The specvir_h.zip contains the wrong file for XP. I downloaded the version 7 installers for both XP and 98 and compared them. The avrep.dll in both versions has the same version number but they are different sizes. I finally found what I hope is the right file and download link. The avrep.dll file for XP is in a .gz archive. It's opened with WinZip or 7zip the same way.
Here's the link for avrep.dll for XP units.
http://dl4.avgate.net/upd/engine/nt/avrep.dll.gz
Let me know how this one works.
Rick

 

Thanks, Rick. But I still cant get the avrep.dll Ver. 7 to work on 98 SE. I am doing something very wrong!

Thanks,
Dave

 

Was the AntiVir guard (AVGCTRL.EXE) shut down when you unzipped specvir_h.zip? Did you update the scanning engine? If yes, which link did you use?

I'm running out of ideas what to look for. Is it possible that there's still remains of version 7 in the registry? I installed version 6 on a 98SE testbox and updated the files with those links. They worked fine.
I'm not familiar with this "fusebundle" you used to update AntiVir. Got a link for it? That's the only thing I can see we've done differently. Maybe there's something there that's a problem.
Rick

 

I am using SSM free when I tried to install Antivir rootkit componenet, I got a BSOD. I uninstalled Antivir, cleaned registry and did a clean install alongwith anti-rootkit componenet that went fine.

After that I started getting off and on BSODs( not sure if all of them happened while antivir tried to update its definitions or just off and on), so I decided to uninstall antirootkit component. It caused another BSOD, so I have to go into safe mode to uninstall RootKit component. It was few weeks ago, since then Avira classic and SM free are living happily. No more BSODs.

So there is a clear and srious conflict between SSM free and Avira antirootkit.
Are they aware of this issue? If not can anyone post in their forums?

Thanks

 

aigle,
See here

 

Thanks Rick, the avgctrl.exe wasn't in the package, but it is now.

I owe you.
Thanks,
Dave

@aigle
Each time AV 7 updates, it writes to your regitry. For this reason, many have had problems with AV 7 and SSM.

Dave

 

Thanks, so it,s fault of SSM, not Antivir. Anyway I don,t need antirootkit of Avira.
I have read before that SSM uses malware like techniques, RootKit UnHooker used to detect it as a parasite!

 

aigle, I've never understood why AV 7 writes to the registry during an update, and when I mentioned this on the Avira/AntVir forum, they didn't believe me! Someone else posted one of his update logs, and the registry hits were very large in number just for a antivir3.vdf update.

Dave

 

AVGcrtl.exe was missing? Wasn't expecting to hear that. Is everything working properly now?

Malware like techniques? Is that what they're calling it when an app is hooking at a kernel level? Could you provide a link to this? I'd be interested to see it.
Yes, SSM does set a lot of hooks, more than most security apps. That's what gives SSM the ability to intercept and control as much as it does. System and global hooks are not malicious in themselves, and are not used exclusively by malware. Rootkits themselves are not malicious. It's how they're used that matters. The term has been associated with malware because of the increasing amount of it using rootkit methods. If you search "kernel hooks" and "Linux", you'll find most of the results are not about malicious uses.

Malicious rootkits owe much of their effectivness to their ability to get deep into the operating system. Security apps need equal or superior depth to effectively combat malicious rootkits on Windows. If all else is equal, the process that's hooked in the deepest will be the one in control. If that too is equal, the one that's there first has control.

Regarding which is at fault for the SSM and AntiVir rootkit module conflict, this isn't a question of fault. This is what can happen when more than one security app functions at a kernel level. They interfere with each other at the deepest levels of your system, with BSODs being one possible result. If there's a fault here, it's windows. Windows wasn't designed to accomodate multiple security apps hooking at a kernel level. Apps like these wouldn't be necessary if windows had any real defenses of its own. This is an example of what I've tried to warn people about, when more than one app works at a kernel level, then one of them updates. One good security app functioning at a kernel level is all that should be on one operating system.
Rick

DW, if you still have it available, I'd like to see a link for that fusebundle.

 

I don,t have a link to that thread. It was actually said by EP_X0FF on these forums( if I remember well). U can ask him.

 

I did report the AntiVir/SSM conflict on the SSM forum. So far, no reply.
Rick

 

Thanks but after removing AntiRootKit I have no troubles.

 

Thanks. I'll check that out. I'm hoping tomorrow to get over to my clients home where SSM and AntiVir are on the same XP box. Until this incident with the rootkit module, they coexisted quite well, except that I had to give AntiVir permissions I'm not comfortable with to accomodate the auto-updating. This thread has me rethinking that decision to avoid future incidents like this one.

Same here.
Rick

 

I saw it. Very slow response on their forums now a days, esp in free version section reponse is near to zero.
Are they too busty with SSM or..?

 

They do seem slower to respond than they used to be. I'm only guessing as I'm not beta testing SSM pro. Nothing compatible to test it on, running 98. Best I can tell, the type of bug reports they get have changed. They're not as easy to fix, especially when a lot are conflicts with other security apps, trying to accomodate an app without weakening the overall level of protection.

I'd bet that Vista is giving them a headache as well, and consuming a lot of their time.

Rick

 

You may be quite right especially about Vista.