You are not logged in.

Saturday, July 26th 2014, 1:09pm

The Avira Forum will be moved to the new platform Avira Answers soon. We'll make the transition of existing user profiles and threads as smooth as possible.
New visitors are able to log in on Avira Answers with the existing Avira account directly or sign up with a new account.

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

1

Wednesday, July 16th 2008, 9:47pm

Avira Scan Freezes

Hi when doing full system scan the pc freezes, this does not happen when using safe mode.
I'm using Avira Premium Security v8 on Vista Ultimate 64bit system.
Would like some help on this please.

Richard :(

Barrie

Community member

Date of registration:
Jan 31st 2006

Version:
none

Operating System:
Mac OS X 10.8.3

  • Send private message

2

Thursday, July 17th 2008, 1:49am

Hi Richard,

Is there any indication of the file that the scan stops at, IE is it the same file each time?


Regards
Barrie
Cordialement - Grüße and Regards.

[Avira Tech Blog - Avira VL Virusscan.jotti -HijackThis - - Avira tools - Online shop - Avira safe mode scan
Sorry NO support via PM > Kein Support über PN > Aucun support par message privé.

Date of registration:
Feb 18th 2006

Operating System:
XP SP3, Vista SP1, Kubuntu 9.04 and a heavily modified puppy on a stick!

  • Send private message

3

Thursday, July 17th 2008, 1:49am

Hello Richard,

Does the scan always freeze on the same file, and if so could you tell us which one?

If there is a report file for this scan please post it.

Additionally it may help to post a HijackThis logfile.

It probably won't all fit into one post, so just split it into as many posts as it takes.

Cheers,

Steve

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

4

Thursday, July 17th 2008, 2:25am

Hi Guys,no it can be any where on my drives, but seems to fail after 40% to 52%, but like i said it works fine in safe mode :?:
I will list a hijackthis log later today.
Thanks for your help in this. :thumbup:

This post has been edited 1 times, last edit by "rcm578" (Jul 17th 2008, 2:26am)


  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

5

Thursday, July 17th 2008, 7:04pm

Hi Here is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:16, on 17/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\soundman.exe
D:\Program Files (x86)\Nero\PhotoShow 5\data\Xtras\mssysmgr.exe
C:\Program Files (x86)\Kontiki\KHost.exe
D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
D:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\Common Files\Logishrd\LComMgr\Communications_Helper.exe
D:\Program Files (x86)\Logitech\QuickCam\Quickcam.exe
E:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
D:\opti-safe-ups\Sentinel.exe
D:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
G:\Program Files (x86)\AMD\AMD Power Monitor\AMD_PwrMon.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
D:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
C:\Program Files (x86)\Common Files\Nokia\MPAPI\MPAPI3s.exe
G:\HiJackThis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/skynews
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = This is Ricado's Master Pc.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: RCM578 Toolbar - {5b0884a7-d9a7-44f0-b837-abf97e11f144} - C:\Program Files (x86)\RCM578\tbRCM1.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - G:\PROGRA~2\FRESHD~1\FRESHD~1\FDCatch.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~2\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - H:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RCM578 Toolbar - {5b0884a7-d9a7-44f0-b837-abf97e11f144} - C:\Program Files (x86)\RCM578\tbRCM1.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - H:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: RCM578 Toolbar - {5b0884a7-d9a7-44f0-b837-abf97e11f144} - C:\Program Files (x86)\RCM578\tbRCM1.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - G:\PROGRA~2\FRESHD~1\FRESHD~1\fdiebar.dll

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

6

Thursday, July 17th 2008, 7:05pm

O4 - HKLM\..\Run: [TrueImageMonitor.exe] D:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] D:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] D:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [FlingRun] "C:\Program Files (x86)\NCH Software\Fling\fling.exe" -logon
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "D:\Program Files (x86)\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UPSMON] D:\opti-safe-ups\Sentinel.exe
O4 - HKLM\..\Run: [BtTray] "D:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [AMD_Display] "G:\Program Files (x86)\AMD\AMD Power Monitor\AMD_PwrMon.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "d:\Program Files (x86)\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [kdx] "C:\Program Files (x86)\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "d:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avgnt] "D:\Program Files (x86)\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] D:\PROGRA~2\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Program Files (x86)\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "D:\Program Files (x86)\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [kdx] C:\Program Files (x86)\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "D:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "D:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: BOINC System Tray.lnk = H:\Program Files\BOINC\boinctray.exe
O4 - Startup: Yahoo! Widget Engine.lnk = D:\Program Files (x86)\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download All with FlashGet - H:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - H:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~2\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: FreshDownload - {B1B84345-6FF3-40C6-A80F-2F1B32C7457E} - G:\Program Files (x86)\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Program Files\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-gb/wlscctrl2.cab
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (Hewlett-Packard Printer Diagnostics) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1216254956549&h=166dfd59bf7aee46b20785ccd1af46ef/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://69.57.132.82/DGTx.CAB

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

7

Thursday, July 17th 2008, 7:06pm

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - D:\Program Files (x86)\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - D:\Program Files (x86)\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files (x86)\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - D:\Program Files (x86)\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - D:\Program Files (x86)\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - D:\Program Files (x86)\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - D:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - D:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Fling Service (FlingService) - Unknown owner - C:\Program Files (x86)\NCH Software\Fling\fling.exe
O23 - Service: FolderProtectService - Unknown owner - F:\Program Files (x86)\Spotmau WinCares 2007\FolderProtectService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KService - Kontiki Inc. - C:\Program Files (x86)\Kontiki\KService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OPTISAFEService - Unknown owner - D:\opti-safe-ups\OPTISAFE_Service.Exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17952 bytes
Hope this helps.

Richard :(

  • "Radu Gheorghe" has been banned

Date of registration:
May 22nd 2006

Operating System:
Windows

  • Send private message

8

Friday, July 18th 2008, 9:10am

Hello Richard,

Your log looks clean to me. However, can you give us more details about the freeze? Like, for example, does it just stay there, scanning the same file? Or does the window get white, saying "not responding"?

Also, please post here the scan report file.

Best regards,
Radu Gheorghe
Avira Operations GmbH & Co. KG

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

9

Friday, July 18th 2008, 11:16pm

Hi Radu

Thak you for getting back with the findings of my log, i belive the fault was with Adobe Dreamweaver CS4 beta.
And also .rbf files in configmsi folder, so i told the scan not to check Adobe and put .rbf into file ext for checking.

here is the scan log report that you asked for.

Premium Security Suite
Report file date: 18 July 2008 21:29

Scanning for 1475814 virus strains and unwanted programs.

Licensed to: Richard Mosey
Serial number: 1100938122-ISECE-0001
Platform: Windows Vista x64 Edition
Windows version: (Service Pack 1) [6.0.6001]
Boot mode: Normally booted
Username: SYSTEM
Computer name: RICHARD-PC

Version information:
BUILD.DAT : 8.1.0.239 27421 Bytes 11/07/2008 12:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 17/07/2008 12:53:09
AVSCAN.DLL : 8.1.4.0 40705 Bytes 17/07/2008 12:53:09
LUKE.DLL : 8.1.4.5 164097 Bytes 17/07/2008 12:53:09
LUKERES.DLL : 8.1.4.0 12033 Bytes 17/07/2008 12:53:09
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 11:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 12:53:10
ANTIVIR2.VDF : 7.0.5.119 1264128 Bytes 15/07/2008 12:53:10
ANTIVIR3.VDF : 7.0.5.138 321536 Bytes 18/07/2008 19:51:05
Engineversion : 8.1.1.11
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 10:58:21
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 18/07/2008 19:51:11
AESCN.DLL : 8.1.0.23 119156 Bytes 17/07/2008 12:53:10
AERDL.DLL : 8.1.0.20 418165 Bytes 17/07/2008 12:53:10
AEPACK.DLL : 8.1.2.1 364917 Bytes 17/07/2008 12:53:10
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 18/07/2008 19:51:10
AEHEUR.DLL : 8.1.0.43 1339767 Bytes 18/07/2008 19:51:09
AEHELP.DLL : 8.1.0.15 115063 Bytes 17/07/2008 12:53:10
AEGEN.DLL : 8.1.0.29 307573 Bytes 17/07/2008 12:53:10
AEEMU.DLL : 8.1.0.6 430451 Bytes 17/07/2008 12:53:10
AECORE.DLL : 8.1.1.6 172405 Bytes 17/07/2008 12:53:10
AEBB.DLL : 8.1.0.1 53617 Bytes 17/07/2008 12:53:10
AVWINLL.DLL : 1.0.0.12 15105 Bytes 17/07/2008 12:53:09
AVPREF.DLL : 8.0.2.0 38657 Bytes 17/07/2008 12:53:09
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 14:26:47
AVREG.DLL : 8.0.0.1 33537 Bytes 17/07/2008 12:53:09
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 17/07/2008 12:53:09
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 17/07/2008 12:53:09
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2904321 Bytes 17/07/2008 12:53:07
RCTEXT.DLL : 8.0.46.0 86273 Bytes 17/07/2008 12:53:07

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files (x86)\avira\avira premium security suite\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:, G:, H:, I:, J:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Use file extension list
File extensions..................: +RBF,
Scan archives....................: off
Macro heuristic..................: on
File heuristic...................: medium
Skipped files....................: F:\Program Files\Adobe Dreamweaver CS4, F:\Program Files\Adobe Extension Manager CS4,

Start of the scan: 18 July 2008 21:29

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

10

Friday, July 18th 2008, 11:17pm

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '0' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '0' Module(s) have been scanned
Scan process 'MPAPI3s.exe' - '1' Module(s) have been scanned
Scan process 'NclIVTBTSrv.exe' - '1' Module(s) have been scanned
Scan process 'NclUSBSrv64.exe' - '0' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '0' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '0' Module(s) have been scanned
Scan process 'SetPoint32.exe' - '1' Module(s) have been scanned
Scan process 'CCC.exe' - '0' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '0' Module(s) have been scanned
Scan process 'unsecapp.exe' - '0' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'MOM.exe' - '0' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'AMD_PwrMon.exe' - '1' Module(s) have been scanned
Scan process 'BtTray.exe' - '1' Module(s) have been scanned
Scan process 'Sentinel.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'TimounterMonitor.exe' - '1' Module(s) have been scanned
Scan process 'boinctray.exe' - '0' Module(s) have been scanned
Scan process 'TrueImageMonitor.exe' - '1' Module(s) have been scanned
Scan process 'mobsync.exe' - '0' Module(s) have been scanned
Scan process 'SetPoint.exe' - '0' Module(s) have been scanned
Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned
Scan process 'KHost.exe' - '1' Module(s) have been scanned
Scan process 'mssysmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'wmdc.exe' - '0' Module(s) have been scanned
Scan process 'soundman.exe' - '1' Module(s) have been scanned
Scan process 'schedhlp.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '0' Module(s) have been scanned
Scan process 'dwm.exe' - '0' Module(s) have been scanned
Scan process 'taskeng.exe' - '0' Module(s) have been scanned
Scan process 'LVCSer64.exe' - '0' Module(s) have been scanned
Scan process 'BsHelpCS.exe' - '0' Module(s) have been scanned
Scan process 'avwebgrd.exe' - '1' Module(s) have been scanned
Scan process 'avmailc.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'OPTISAFE_Service.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'sqlservr.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'LVCSer64.exe' - '0' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'KService.exe' - '1' Module(s) have been scanned
Scan process 'FolderProtectService.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'BlueSoleilCS.exe' - '1' Module(s) have been scanned
Scan process 'avesvc.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avfwsvc.exe' - '1' Module(s) have been scanned
Scan process 'schedul2.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '0' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'SLsvc.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'LVPrS64H.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'winlogon.exe' - '0' Module(s) have been scanned
Scan process 'lsm.exe' - '0' Module(s) have been scanned
Scan process 'lsass.exe' - '0' Module(s) have been scanned
Scan process 'services.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'wininit.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'smss.exe' - '0' Module(s) have been scanned
42 processes with 42 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!
Boot sector 'H:\'
[INFO] No virus was found!
Boot sector 'I:\'
[INFO] No virus was found!
Boot sector 'J:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '48' files ).


Starting the file scan:

Begin scan in 'C:\' <Vista64U>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <WORK1>
Begin scan in 'E:\' <WORK2>
Begin scan in 'F:\' <WORK3>
The directory 'F:\Program Files\Adobe Dreamweaver CS4\' was excluded from scanning!
The directory 'F:\Program Files\Adobe Extension Manager CS4\' was excluded from scanning!
Begin scan in 'G:\' <WORK4>
Begin scan in 'H:\' <WORK5>
Begin scan in 'I:\' <WORK6>
Begin scan in 'J:\' <WORK7>


End of the scan: 18 July 2008 22:00
Used time: 31:05 Minute(s)

The scan has been done completely.

36698 Scanning directories
143948 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
143946 Files not concerned
0 Archives were scanned
2 Warnings
0 Notes

Hope this helps.

Regards
Richard

  • "Radu Gheorghe" has been banned

Date of registration:
May 22nd 2006

Operating System:
Windows

  • Send private message

11

Monday, July 21st 2008, 2:24pm

Hello Richard,

Since the exclusions, did you change anything in the AntiVir Configuration? Because I've installed Adobe Dreamweaver CS4 beta on a Vista64 SP1 machine and then scanned with your settings but all went fine without the exclusions. I will try with all the options on and post here if something comes up.

Best regards,
Radu Gheorghe
Avira Operations GmbH & Co. KG

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

12

Tuesday, July 22nd 2008, 7:51pm

Hi Radu

It seems that i can only do a full system scan in safe mode, I tried today a full scan but no luck in normal mode, could there be a driver or a program
conflict with Avira in normal mode, which in safe mode they are not used?

Regards

Richard :(

  • "Radu Gheorghe" has been banned

Date of registration:
May 22nd 2006

Operating System:
Windows

  • Send private message

13

Thursday, July 24th 2008, 2:57pm

Hello Richard,

It could be. But I would need some more details. Does the scan just get stuck on a single file, or does it freeze and say "not responding" on the window?

Does it use much of the processor when it's in this state?

Best regards,
Radu Gheorghe
Avira Operations GmbH & Co. KG

This post has been edited 1 times, last edit by "Radu Gheorghe" (Jul 24th 2008, 2:58pm)


  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

14

Thursday, July 24th 2008, 11:53pm

Hi Ruda

Could be any file,when it freezes you can not press any keys or move the mouse. and no message to say it's stopped.

Regards.
Richard

  • "Radu Gheorghe" has been banned

Date of registration:
May 22nd 2006

Operating System:
Windows

  • Send private message

15

Friday, July 25th 2008, 12:26pm

Hello,

Please run a disk check on your C: drive, to see if there's any error. To do that, open a command prompt and type the following command:

chkdsk c: /r

Restart your computer and let the scan run.

If the problem persists, please make a dump of this freeze by the following steps:
1. Start Registry Editor (start -> run -> regedit).
2. Locate the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters
3. On the Edit menu, click Add Value, and then add the following registry entry:
Name: CrashOnCtrlScroll
Data Type: REG_DWORD
Value: 1
4. Exit Registry Editor, and then restart the computer.
5. Right-click My Computer, and then click Properties. Then click on the Advances Settings link on the left side.
6. Click the Startup and Recovery button.
7. Click Write Debugging Information, and then click to select Kernel Memory Dump.
8. Run a scan and when the PC hangs, hold the right CTRL key and press the Scroll Lock key twice. A BSOD should appear.

If the BSOD appears, please send me a PM with your name and Email address so I can contact you to get the dump. If it doesn't appear, then the problem should reside on a driver/hardware failure.

Best regards,
Radu Gheorghe
Avira Operations GmbH & Co. KG

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

16

Saturday, July 26th 2008, 1:53am

Thanks for your help Radu,i will try this over the weekend and will let you know the outcome.

Regards

Richard

This post has been edited 1 times, last edit by "rcm578" (Jul 26th 2008, 1:57am)


  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

17

Tuesday, July 29th 2008, 11:59pm

Hi Radu

Well no BSOD so the fault must be a driver :?:
Checked using safe mode this worked fine, so fitted new hard drive did fresh install of OS and loaded Avira did all updates for both OS and Avira,but still have the same fault.
Could their be a conflict with 64bit OS :?:

I shall put back my old hard drive due to me having to catch up with my work.

Regards
Richard :(

  • "Radu Gheorghe" has been banned

Date of registration:
May 22nd 2006

Operating System:
Windows

  • Send private message

18

Wednesday, July 30th 2008, 1:57pm

Hello Richard,

Is your keyboard USB or PS2? If it's USB, then you need to add another value:

1. Start Registry Editor.
2. Locate the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\Parameters
3. Make sure that the following registry entry is enabled:
Name: CrashOnCtrlScroll
Data Type: REG_DWORD
Value: 1

Take a look here for full details. Sinca you use Windows Vista, you shouldn't need a hotfix if you are up to date.

Best regards,
Radu Gheorghe
Avira Operations GmbH & Co. KG

  • "rcm578" started this thread

Date of registration:
Jun 23rd 2008

Operating System:
Vista Ultimate 64bit

  • Send private message

19

Wednesday, July 30th 2008, 8:14pm

Hi Radu

Keyboard is PS2, had a look at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\Parameters and this was enabled.
But still coud not get the BSOD to work. :(

So what i did next was went into the Avira Config and made sure archives was not enabled and use file extenstion list.
And this worked :!:
I have done this 4 times today and each time it worked :)

Is it ok to run it this way if the archives are not checked :?:

Regards
Richard

  • "Radu Gheorghe" has been banned

Date of registration:
May 22nd 2006

Operating System:
Windows

  • Send private message

20

Thursday, July 31st 2008, 9:59am

Hello Richard,

Yes, it's OK to disable Archive scanning in Scanner, as long as you have Guard enabled so it would catch viruses when they're unpacked.

Back to the BSOD thing (only if you're still willing to do it :) ), make sure you hold the right CTRL key, and not the left CTRL key, and then press Scroll Lock twice.

Best regards,
Radu Gheorghe
Avira Operations GmbH & Co. KG