Update 3449 and Lenovo Access Connections

Discussion in 'ESET NOD32 Antivirus' started by MorgothsBalrog, Sep 17, 2008.

Thread Status:
Not open for further replies.
  1. MorgothsBalrog

    MorgothsBalrog Registered Member

    Joined:
    Sep 17, 2008
    Posts:
    2
    I believe update 3449 (20080917) has caused a conflict with Lenovo Access Connections 5.02 on Windows Vista Ultimate 64-bit. Upon boot, ekrn chews up at least 50% of the CPU and refuses to let Access Connections load. Disabling NOD32 resolves the problem, but obviously this is a poor solution. Any advice?
     
  2. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    I had a similar issue with Nod32 2.7 and Access Connections because of a logfile that is created/changed by Windows when Access connections is started or a profile is applied. I had to make a change in Windows registry to disable the logging or exclude realtime scanning of that file to solve the problem. Using nod32 2.7 it's easier to find out since i could see what file that is being scanned. Using nod32 3.0 i don't think you can actually see what file is being scanned. I'm pretty sure the .log file is located under the Windows directory though.
    The logfile is not created by AC. It's created by Windows and AC is probably using the Windows API to make some system calls which is the reason why Windows create this logfile.

    Not sure if this is the same problem, but you could try to exclude the scanning of all *.log files under the Windows directoyr to see if there is any change. If that solve the problem i'm sure you have the same problem.
     
  3. MorgothsBalrog

    MorgothsBalrog Registered Member

    Joined:
    Sep 17, 2008
    Posts:
    2
    I grabbed a copy of Sysinternals' Process Monitor and checked out what was causing the fight. Turns out it was a logfile in C:\Users\Public\Documents called AccConAdvanced.html

    It looks like a fairly bog standard logfile, but for some reason NOD32 just decided there was something dodgy about it. I added it to my exclusions list for realtime scanning and all is well. It would still be nice to have a more definitive solution but such is life...

    Here's a snippet of its contents:
    Code:
    LOG ENTRIES	=============Access Connections=======================
    Environment :
    OS : Microsoft Windows Vista Professional Service Pack 1 (Build 6001) 
    AC : 5.02
    Initialize Date And Time :[9/18/2008]12:37:52:908 
    Active Profile Name : RIT Wired
    Active Adapter : PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    =============================================================
    	=============Device Information======================= 
    Description : ThinkPad Modem Adapter
    Type : Modem Device
    DriverVersion : 7.73. 0. 0
    PNPID : HDAUDIO\FUNC_02&VEN_14F1&DEV_5051&SUBSYS_17AA20FC
    
    Description : Intel(R) 82567LM Gigabit Network Connection
    Type : Wired LAN Adapter
    DriverVersion : 9.52. 9. 0
    PNPID : PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    
    Description : Intel(R) WiFi Link 5300 AGN
    Type : Wireless LAN Adapter
    DriverVersion : 12. 0. 0.82
    PNPID : PCI\VEN_8086&DEV_4236&SUBSYS_10118086
    
    Description : Microsoft Windows Mobile Remote Adapter
    Type : Wired LAN Adapter
    DriverVersion : 6. 1.53. 0
    PNPID : USB\VID_0BB4&PID_0B04\
    
    =============================================================
    	Ok AcSvc( SYSTEM(Prvlg).2520.3656) [9/18]12:37:40:310 AcAdapter::DecreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
    	Ok ACGadgetWrapper( alex(Prvlg).3568.4444) [9/18]12:37:41:142 AcSvcGetProfileStatus: Entry
    	Ok AcSvc( SYSTEM(Prvlg).2520.3656) [9/18]12:37:54:357 AcAdapter::DecreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =0
    	Ok AcSvc( SYSTEM(Prvlg).2520.3656) [9/18]12:37:54:358 AcSvcIntf.GetRadioStatus: RadioState=2, Exit with code 0
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:358 GetProfileStatus: ENtry for profile RIT Wired
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:54:360 AcSvcGetRadioStatus: Exit
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:54:361 Get Radio Status returned - radio Off
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:54:361 Exiting CWLIcon::UpdateTrayIcon()
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:374 GetProfileStatus: Found valid adpt settings
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:374 GetProfileStatus: Getting adapter object for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:392 AcAdapter::IncreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:393 AcAdapter::IncreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA. The usage count has become =1
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:393 GetProfileStatus: After Getting adapter object for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:394 GetProfileStatus: Getting Ip addressn for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:396 CAcIPMgr::IsValidIp: Valid IP Address => 129.21.144.104 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:397 CAcIPMgr::GetAdaptersInfo: Adapter information for GUID Intel(R) 82567LM Gigabit Network Connection found. Current IP state is AC_IP_ADDR_VALID
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:397 AcTcpIpServices::IsValidIP(CAcLanSettings LanSettings)) Entry 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:399 AcTcpIpServices::IsValidIP IpAddress is Valid 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:400 AcTcpIpServices::IsValidIP Exit 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:400 GetProfileStatus: Got Ip addressn for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:401 GetProfileStatus: Calling AcTcpIpServices::IsValidIP for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:401 AcProfileStatus::AcSvcIsValidIP(CAcLanSettings LanSettings)) Entry 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:402 AcProfileStatus::AcSvcIsValidIP IpAddress is Valid 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:402 AcProfileStatus::AcSvcIsValidIP Exit 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:403 GetProfileStatus: After calling AcTcpIpServices::IsValidIP for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:403 ### Valid IP address is found 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:404 AcAdapterCurrentProfile::ReadAcitveProfileName Entry 
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:404 AcAdapterCurrentProfile::ReadAcitveProfileName Active profile is [RIT Wired]
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:404 AcAdapterCurrentProfile::ReadAcitveProfileName Exit
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:405 AcAdapter::DecreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:405 AcAdapter::DecreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_10F5&SUBSYS_20EE17AA. The usage count has become =0
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:54:406 GetProfileStatus: Exit for profile RIT Wired. STatus is 1
    	Ok ACGadgetWrapper( alex(Prvlg).3568.4444) [9/18]12:37:54:406 AcSvcGetProfileStatus: Exit
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:365 Inside CWLIcon::UpdateTrayIcon()
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:365 Calling AcSvcGetRadioStatus()
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:366 AcSvcGetRadioStatus: Entry
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:367 AcSvcIntf.GetRadioStatus: Entry
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:367 AcAdapter::IncreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:368 AcAdapter::IncreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =1
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:368 AcVistaWlAutoconfig::GetRadioStateInDriver Entry
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:369 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:1
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:370 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:2
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:370 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:3
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:371 AcVistaWlAutoconfig::GetRadioStateInDriver Exit
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:371 AcAdapter::DecreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:373 AcAdapter::DecreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =0
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:37:57:373 AcSvcIntf.GetRadioStatus: RadioState=2, Exit with code 0
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:374 AcSvcGetRadioStatus: Exit
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:375 Get Radio Status returned - radio Off
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:37:57:408 Exiting CWLIcon::UpdateTrayIcon()
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:406 Inside CWLIcon::UpdateTrayIcon()
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:406 Calling AcSvcGetRadioStatus()
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:407 AcSvcGetRadioStatus: Entry
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:408 AcSvcIntf.GetRadioStatus: Entry
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:408 AcAdapter::IncreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:409 AcAdapter::IncreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =1
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:409 AcVistaWlAutoconfig::GetRadioStateInDriver Entry
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:410 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:1
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:410 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:2
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:411 CAcVistaWlAutoconfig::GetRadiostateindriver Turned OFF for phy type:3
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:411 AcVistaWlAutoconfig::GetRadioStateInDriver Exit
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:412 AcAdapter::DecreamentUsageCount(): Lock acquired for PCI\VEN_8086&DEV_4236&SUBSYS_10118086
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:413 AcAdapter::DecreamentUsageCount(): Lock released for PCI\VEN_8086&DEV_4236&SUBSYS_10118086. The usage count has become =0
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:00:413 AcSvcIntf.GetRadioStatus: RadioState=2, Exit with code 0
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:414 AcSvcGetRadioStatus: Exit
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:414 Get Radio Status returned - radio Off
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:00:414 Exiting CWLIcon::UpdateTrayIcon()
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:03:415 Inside CWLIcon::UpdateTrayIcon()
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:03:415 Calling AcSvcGetRadioStatus()
    	Ok ACWLIcon( alex(Prvlg).3620.3624) [9/18]12:38:03:416 AcSvcGetRadioStatus: Entry
    	Ok AcSvc( SYSTEM(Prvlg).2520.5348) [9/18]12:38:03:417 AcSvcIntf.GetRadioStatus: Entry
    
     
    Last edited: Sep 18, 2008
Thread Status:
Not open for further replies.