Vista freezes when accessing WebDAV Folders

Discussion in 'ESET NOD32 Antivirus' started by Kosh, Sep 24, 2008.

Thread Status:
Not open for further replies.
  1. Kosh

    Kosh Registered Member

    Joined:
    Sep 24, 2008
    Posts:
    10
    Greetings everyone.

    As the topic says, everytime I work on a WebDAV Folder (e.g. MS Sharepoint, iPhone via AirShare) with Windows Explorer, Windows Vista freezes. I cant do anything except turning my PC off.

    Strange thing is, if I turn off NOD32 Realtime-Protection, WebDAV Access works like a charm. Also this problem doesnt exist on XP Clients with the same NOD32 Version.

    Atm we are running NOD32 Antivirus Business 3.0.642.0.

    I also tried reinstalling Vista and applying SP1. Nothing worked.

    Any ideas?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Does setting the real-time protection to scan only files with default extensions (ie. files that can potentially carry malicious code) make a difference? Would it be possible for you to generate a full memory dump from the moment when the system freezes?
     
  3. Kosh

    Kosh Registered Member

    Joined:
    Sep 24, 2008
    Posts:
    10
    I went to NOD32 Control Panel, Settings -> Advanced Settings -> Realtime-Protection -> ThreatSense Settings -> Configure.

    There under "extensions" I unticked "scan all files".
    (I am translating this from the german nod-version so this might be not 100% exact ;) )

    And wohoo, seems to work perfect now!

    Thanks a lot !!!

    How much does this setting increase the risk of getting my system infected?
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I assume the problem could be that certain application is continually writing into a large log which is subsequently scanned by the real-time protection. Could you try enabling scan of all files again and exclude just files with the "log" extension from scanning? Let me know if it works then too. I'd highly appreciate if you could cooperate with us, replicate the problem and create a complete memory dump for us.
     
  5. Kosh

    Kosh Registered Member

    Joined:
    Sep 24, 2008
    Posts:
    10
    Well since the "application" i use for browsing webdav is windows explorer, i dont think the problem lies within logfile scanning, but ok...

    I will try your suggestion soon and give you the needed info.

    Could you tell me how I can generate the requested memory dump?
     
  6. Kosh

    Kosh Registered Member

    Joined:
    Sep 24, 2008
    Posts:
    10
  7. davidrendall

    davidrendall Registered Member

    Joined:
    Oct 7, 2008
    Posts:
    1
    I'm experiencing the same problem. Any access of webdav folder using either the built-in Vista webdav client or even WebDrive results in all programs hanging on the computer. The mouse pointer still works, alt+tab works, and the machine is still responsive over the network. However Ctl+alt+del does nothing, ctl+shift+esc does nothing. No errors in Event Viewer. The only possible action is to force a hardware reset. So it's extremely difficult to diagnose the problem. However, as the first poster pointed out, disabling on-access file scanning in Nod32 fixes the problem. I tried mapping a drive using webdrive then excluding the drive from on-access scanning, but it made no difference, still hung everything in the same way. Very frustrating - I've wasted a lot of time getting to the point where I realised it was Nod32, and lost some work as a result of programs hanging.
     
  8. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,734
    Location:
    Texas
    One off topic post removed.
     
  9. erikr

    erikr Registered Member

    Joined:
    Oct 17, 2008
    Posts:
    1
    I am the server engineer for the Air Sharing WebDAV server product for iPhone. I would be happy to set up a public WebDAV server for the NOD32 engineers to test against in hopes of reproducing the problem and finding a fix.

    Let me know if I can be of assistance.

    Erik
    --
    Erik Rogers, Sr. Software Engineer
    Avatron Software, Inc.
     
  10. Kosh

    Kosh Registered Member

    Joined:
    Sep 24, 2008
    Posts:
    10
    Any update on this?

    Yesterday I copied some PDFs via WebDav to out Sharepoint Server. My computer froze again.

    Scanning all files is disabled for realtime scanning.
     
  11. nonoise

    nonoise Registered Member

    Joined:
    Jun 6, 2008
    Posts:
    322
    I know its going to sound lame but did you try it with NOD32 3.0.672?
     
  12. Geary

    Geary Registered Member

    Joined:
    May 27, 2008
    Posts:
    4
    I encountered the exact same problem as davidrendall, the first day I tried NOD32 3.0.669.0 64-bit version with WebDrive 8.22 on a Vista x64 system. It makes NOD32 useless to me, since I absolutely depend on WebDrive for my work.

    Disabling NOD32 fixed the problem, but now it has a red tray icon and keeps popping up annoying messages telling me I'm not protected. I will probably just uninstall the thing, since WebDrive is much more important to me.

    I've never gotten a virus anyway, and was only trying NOD32 after bragging to a friend about how I've never used antivirus software and have never gotten a virus. He suggested that I might have gotten infected without realizing it. I was happy that NOD32 confirmed that there were no viruses on my system, less happy when NOD32 itself caused me more problems than any virus ever did.

    What is the 3.0.672 version that nonoise suggested? It was only 2-3 days ago that I downloaded the trial version from eset.com and it was 3.0.669.0.
     
  13. Geary

    Geary Registered Member

    Joined:
    May 27, 2008
    Posts:
    4
    Hmm... It appears that the problem with WebDrive and NOD32 version3 was first reported over a year ago in another thread:

    https://www.wilderssecurity.com/showthread.php?t=193226

    The only suggestion in that thread was to use version 2 of NOD32 instead of version 3.

    I would think that one year should be enough time to fix a critical problem like this that hangs your computer with data loss.

    Would anyone from ESET care to comment on this?
     
  14. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Unless they don't have sufficient information on how to replicate the problem and are just as stumped as you are? Not sure, never used WebDAV.
     
  15. Geary

    Geary Registered Member

    Joined:
    May 27, 2008
    Posts:
    4
    There's no indication that anyone from ESET has even tried to repro the bug. Given that another user in the other thread experienced the exact same symptoms that I did, I suspect that it is this simple:

    Install Vista x64.

    Install WebDrive.

    Install NOD32 64 bit version.

    Open a remote SFTP site with WebDrive and open a couple of folders.

    If anyone at ESET would like to try that, I would be interested to hear the results. I would also be happy to assist in the troubleshooting in any way I can.

    But given that the bug was first reported over a year ago and it doesn't appear that there has been any attempt to repro it, I'm not hopeful.

    Note that the same problem occurs with either WebDAV or with WebDrive and an SFTP site. This strongly suggests that the problem is with NOD32, not WebDrive.
     
    Last edited: Dec 14, 2008
  16. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,734
    Location:
    Texas
  17. Geary

    Geary Registered Member

    Joined:
    May 27, 2008
    Posts:
    4
    At the risk of sounding argumentative, I didn't say that no one from ESET posted any suggestions. What I said was that there was no indication that anyone from ESET made any attempt to reproduce the bug.

    So about those suggestions:

    The bug still occurs. In any case, there are no log files in the remote directory I opened in WebDrive, and no program is writing to any files in that directory.

    It makes no difference. The bug still occurs.

    Turning off real-time protection completely does prevent the bug from happening.

    Given that the system is frozen at this point, I'm not sure how I would accomplish this. Even if I could, I don't know if I would want to, since this memory dump would be likely to contain confidential information such as the login credentials to my SFTP server.

    Speaking as a developer myself, if this were a bug in my own software, I wouldn't be asking for a memory dump. I'd be asking how I could reproduce the problem. That's a much more effective way to troubleshoot it.

    When a system hang data loss bug with two straightforward repro cases (WebDAV and WebDrive) has been outstanding for over a year, isn't it reasonable to expect that the software vendor would make some attempt to reproduce it - especially considering that this is security software whose sole purpose is to protect your system from harm?
     
    Last edited: Dec 14, 2008
  18. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    ESET Smart Security and ESET NOD32 Antivirus v4.0 public beta 1 interface a little differently than previous versions of the software under Microsoft Windows Vista. Would you mind installing the test version and seeing if you can reproduce the problem with it?

    Regards,

    Aryeh Goretsky
     
  19. Kosh

    Kosh Registered Member

    Joined:
    Sep 24, 2008
    Posts:
    10
    I am running version 4.0.68.0 now.

    Good thing is: Axis Network Cameras are working now, without the need of making an http-exclusion in NOD32.

    Bad thing: WebDAV still crashes my pc.
    I opened a WebDAV Folder in Windows Vista Explorer, startet to copy about 400 MB to my local pc, and after 10 to 20 seconds vista froze.

    So v4 Beta1 seems to be no solution.
     
  20. unclejohn

    unclejohn Eset Staff

    Joined:
    Nov 20, 2008
    Posts:
    13
    Hi everybody,
    a short testing of WebDAV using ESS_v.4.0.417.0 together with WebDrive despite the reports here is surprisingly running fine. Have a look at the proof attached. The testing machine has been in no way specifically modified (intel core2 quad q9300@2.5GHz + 2GB RAM + 64bit VistaUltimate_SP1 + Realtek RTL8168C/8111C), on the contrary - it's a messy crashtest-dummy that already survived a few un/install procedures of products that we examine for conflicts. Maybe you should give it a try with the latest build of ESS or inspect your computer further (like updating network drivers etc.).
     

    Attached Files:

Thread Status:
Not open for further replies.