Running in Safe Mode

Discussion in 'ESET NOD32 Antivirus' started by WebbDawg, Jul 29, 2012.

Thread Status:
Not open for further replies.
  1. WebbDawg

    WebbDawg Registered Member

    Joined:
    Jul 29, 2012
    Posts:
    2
    Location:
    USA
    I tried to run my AV in Safe mode but it seems to be stuck after 2 files. I did an update before going to safe mode so i should have everything current.

    I ran in safe mode because my system seems to hang often and I read that the CSRSS.exe could be a trojan. I tried to look at the properties window from the Task Manager Processes but could not. I could look at other process properties though.

    If I cannot figure this out I will wipe and do a clean install.

    Here is the info in the
    Attached are 2 gif files that show the About Eset Smart Security Window and the Safe Mode command line Run Screen.

    Below are the installed modules.
    Virus signature database: 7338 (20120729)
    Update module: 1040 (20120313)
    Antivirus and antispyware scanner module: 1365 (20120724)
    Advanced heuristics module: 1121 (2011120:cool:
    Archive support module: 1147 (20120620)
    Cleaner module: 1057 (20120626)
    Anti-Stealth support module: 1031 (20120613)
    Personal firewall module: 1082 (20120515)
    Antispam module: 1022 (20120601)
    ESET SysInspector module: 1225 (20120629)
    Self-defense support module: 1018 (20100812)
    Real-time file system protection module: 1006 (20110921)
    Translation support module: 1074 (20120601)
    HIPS support module: 1052 (20120613)
    Internet protection module: 1042 (20120709)
    Web content filter module: 1017P (20120307)
    Advanced antispam module: 1049 (20120729)
    Database module: 1022 (20120709)

    Thanks in advance.
    Dave
     

    Attached Files:

  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    When you scan in normal mode does your AV detect any threats? Check your event viewer logs for errors and warnings in case it offers a clue on the machine hanging.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    For how long did you wait for the scan to complete? Remember that it may take even hours if you have a lot of large archives on the disk.
     
  4. WebbDawg

    WebbDawg Registered Member

    Joined:
    Jul 29, 2012
    Posts:
    2
    Location:
    USA
    Cudni, I have seen not threats in normal mode scanning.
    I looked at the event log and read it abit but I am not sure what it is telling me. Below is a list of Application events from boot time this morning. I did restart a few times.

    Marcos
    After a few minutes nothing was happening so I restarted again and same thing.
    I'll try it again later when I leave the house and let it run.

    Code:
    Information	7/29/2012 10:18:04 AM	Security-SPP	903	None
    Information	7/29/2012 10:12:22 AM	Security-SPP	902	None
    Information	7/29/2012 10:12:22 AM	Security-SPP	1003	None
    Information	7/29/2012 10:12:22 AM	Security-SPP	1066	None
    Information	7/29/2012 10:12:21 AM	Security-SPP	900	None
    Information	7/29/2012 9:30:19 AM	Desktop Window Manager	9010	None
    Information	7/29/2012 9:16:14 AM	Security-SPP	903	None
    Information	7/29/2012 9:11:57 AM	Desktop Window Manager	9019	None
    Information	7/29/2012 9:11:57 AM	Winlogon	6000	None
    Information	7/29/2012 9:11:57 AM	Winlogon	4101	None
    Information	7/29/2012 9:11:15 AM	SecurityCenter	1	None
    Information	7/29/2012 9:11:14 AM	Security-SPP	902	None
    Information	7/29/2012 9:11:14 AM	Security-SPP	1003	None
    Information	7/29/2012 9:11:14 AM	Security-SPP	1066	None
    Information	7/29/2012 9:11:09 AM	UNS	2000	UNS
    Information	7/29/2012 9:11:08 AM	Security-SPP	900	None
    Information	7/29/2012 9:10:54 AM	SkypeUpdate	101	Service Events
    Information	7/29/2012 9:10:53 AM	SkypeUpdate	103	Service Events
    Information	7/29/2012 9:09:05 AM	Search	1003	Search service
    Information	7/29/2012 9:08:59 AM	ESENT	302	Logging/Recovery
    Information	7/29/2012 9:08:58 AM	WMI	5617	None
    Information	7/29/2012 9:08:58 AM	ESENT	301	Logging/Recovery
    Information	7/29/2012 9:08:58 AM	ESENT	300	Logging/Recovery
    Information	7/29/2012 9:08:58 AM	EvtEng	0	None
    Information	7/29/2012 9:08:58 AM	ESENT	102	General
    Information	7/29/2012 9:08:55 AM	SignInAssistant	0	None
    Information	7/29/2012 9:08:55 AM	SignInAssistant	0	None
    Information	7/29/2012 9:08:55 AM	SignInAssistant	0	None
    Information	7/29/2012 9:08:55 AM	WMI	5615	None
    Information	7/29/2012 9:08:53 AM	SkypeUpdate	100	Service Events
    Information	7/29/2012 9:08:53 AM	RegSrvc	0	None
    Warning	7/29/2012 9:08:53 AM	LMS	1	None
    Information	7/29/2012 9:08:53 AM	LMS	0	None
    Information	7/29/2012 9:08:52 AM	AdobeARMservice	0	None
    Information	7/29/2012 9:08:50 AM	User Profile Service	1531	None
    Information	7/29/2012 9:08:50 AM	EventSystem	4625	None
    Information	7/29/2012 9:08:17 AM	User Profile Service	1532	None
    Information	7/29/2012 9:08:16 AM	Winlogon	6000	None
    Warning	7/29/2012 9:08:16 AM	Winlogon	6000	None
    Information	7/29/2012 9:08:16 AM	Winlogon	6000	None
    Information	7/29/2012 9:08:16 AM	Winlogon	6000	None
    Warning	7/29/2012 9:08:15 AM	Winlogon	6000	None
    Information	7/29/2012 9:04:38 AM	Winlogon	6000	None
    Warning	7/29/2012 9:04:38 AM	Winlogon	6000	None
    Information	7/29/2012 9:04:38 AM	Winlogon	6000	None
    Information	7/29/2012 9:04:23 AM	Winlogon	6000	None
    Warning	7/29/2012 9:04:22 AM	Winlogon	6000	None
    Information	7/29/2012 9:04:22 AM	Winlogon	6000	None
    Information	7/29/2012 9:04:22 AM	Winlogon	6000	None
    Warning	7/29/2012 9:04:21 AM	Winlogon	6000	None
    Information	7/29/2012 9:03:47 AM	HHCTRL	1904	None
    Information	7/29/2012 9:03:42 AM	HHCTRL	1904	None
    Information	7/29/2012 9:00:51 AM	Winlogon	6000	None
    Warning	7/29/2012 9:00:51 AM	Winlogon	6000	None
    Information	7/29/2012 9:00:51 AM	Winlogon	6000	None
    Information	7/29/2012 9:00:36 AM	WMI	5617	None
    Information	7/29/2012 9:00:35 AM	VSS	8211	None
    Information	7/29/2012 9:00:34 AM	User Profile Service	1531	None
    Information	7/29/2012 9:00:34 AM	WMI	5615	None
    Information	7/29/2012 8:58:55 AM	User Profile Service	1532	None
    Information	7/29/2012 8:58:53 AM	Search	1003	Search service
    Information	7/29/2012 8:58:51 AM	ESENT	302	Logging/Recovery
    Information	7/29/2012 8:58:47 AM	WMI	5617	None
    Information	7/29/2012 8:58:47 AM	ESENT	301	Logging/Recovery
    Information	7/29/2012 8:58:47 AM	ESENT	300	Logging/Recovery
    Information	7/29/2012 8:58:46 AM	EvtEng	0	None
    Information	7/29/2012 8:58:46 AM	ESENT	102	General
    Information	7/29/2012 8:58:44 AM	SignInAssistant	0	None
    Information	7/29/2012 8:58:44 AM	SignInAssistant	0	None
    Information	7/29/2012 8:58:44 AM	SignInAssistant	0	None
    Information	7/29/2012 8:58:43 AM	WMI	5615	None
    Information	7/29/2012 8:58:42 AM	SkypeUpdate	100	Service Events
    Information	7/29/2012 8:58:41 AM	RegSrvc	0	None
    Warning	7/29/2012 8:58:41 AM	LMS	1	None
    Information	7/29/2012 8:58:41 AM	LMS	0	None
    Information	7/29/2012 8:58:40 AM	AdobeARMservice	0	None
    Information	7/29/2012 8:58:37 AM	User Profile Service	1531	None
    Information	7/29/2012 8:58:37 AM	EventSystem	4625	None
    Information	7/29/2012 8:57:50 AM	User Profile Service	1532	None
    Warning	7/29/2012 8:57:46 AM	User Profile Service	1530	None
    Information	7/29/2012 8:57:46 AM	Winlogon	6000	None
    Information	7/29/2012 8:57:46 AM	Desktop Window Manager	9009	None
    Information	7/29/2012 8:51:10 AM	Windows Error Reporting	1001	None
    Information	7/29/2012 8:51:02 AM	Windows Error Reporting	1001	None
    Error	7/29/2012 8:50:57 AM	Application Error	1000	(100)
    Information	7/29/2012 8:50:55 AM	Windows Error Reporting	1001	None
    Information	7/29/2012 8:42:35 AM	Security-SPP	903	None
    Information	7/29/2012 8:38:49 AM	Desktop Window Manager	9019	None
    Information	7/29/2012 8:38:49 AM	Winlogon	6000	None
    Information	7/29/2012 8:38:49 AM	Winlogon	4101	None
    Information	7/29/2012 8:37:40 AM	Security-SPP	902	None
    Information	7/29/2012 8:37:40 AM	Security-SPP	1003	None
    Information	7/29/2012 8:37:40 AM	Security-SPP	1066	None
    Information	7/29/2012 8:37:39 AM	SecurityCenter	1	None
    Information	7/29/2012 8:37:35 AM	UNS	2000	UNS
    Information	7/29/2012 8:37:18 AM	Security-SPP	900	None
    Information	7/29/2012 8:36:28 AM	SkypeUpdate	101	Service Events
    Information	7/29/2012 8:36:27 AM	SkypeUpdate	103	Service Events
    Information	7/29/2012 8:35:24 AM	Windows Error Reporting	1001	None
    Information	7/29/2012 8:35:21 AM	Windows Error Reporting	1001	None
    Information	7/29/2012 8:35:13 AM	Windows Error Reporting	1001	None
    Information	7/29/2012 8:35:07 AM	Windows Error Reporting	1001	None
    Information	7/29/2012 8:34:40 AM	Search	1003	Search service
    Information	7/29/2012 8:34:37 AM	ESENT	302	Logging/Recovery
    Information	7/29/2012 8:34:32 AM	WMI	5617	None
    Information	7/29/2012 8:34:32 AM	ESENT	301	Logging/Recovery
    Information	7/29/2012 8:34:32 AM	ESENT	300	Logging/Recovery
    Information	7/29/2012 8:34:31 AM	EvtEng	0	None
    Information	7/29/2012 8:34:31 AM	ESENT	102	General
    Information	7/29/2012 8:34:29 AM	SignInAssistant	0	None
    Information	7/29/2012 8:34:29 AM	SignInAssistant	0	None
    Information	7/29/2012 8:34:29 AM	SignInAssistant	0	None
    Information	7/29/2012 8:34:29 AM	WMI	5615	None
    Information	7/29/2012 8:34:27 AM	SkypeUpdate	100	Service Events
    Information	7/29/2012 8:34:27 AM	RegSrvc	0	None
    Warning	7/29/2012 8:34:26 AM	LMS	1	None
    Information	7/29/2012 8:34:26 AM	LMS	0	None
    Information	7/29/2012 8:34:26 AM	AdobeARMservice	0	None
    Information	7/29/2012 8:34:23 AM	User Profile Service	1531	None
    Information	7/29/2012 8:34:23 AM	EventSystem	4625	None
    
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    When running a scan with ecls, you can use the /log-all switch to enable logging of all scanned objects.
     
Thread Status:
Not open for further replies.