Crash during scanning

Hi everyone.

I was doing a full system scan of my vista sp2 machine when suddenly the pc stopped responding. Even the mouse cursor could not be moved around. This happened when a file in this path was being scanned : winsxs/x86_microsoft-windows-smbserver-31bf3856ad364e35... This is not the complete name of the file as I could not see more details about it due to the pc not responding. If you need some more information I'll be glad to provide it to you. I'm using the 35 release.

Comments

  • [Deleted User]
    [Deleted User] Posts: 0 Former F-Secure Employee

    While during the scan, is there any Windows update running at the back ground? maybe you can try to disable the windows update and re run a scan. 

     

  • nikols
    nikols Posts: 6 Observer
    No,windows was not being updated. I was just using chrome the first time and at the second one only the scan was running.
  • [Deleted User]
    [Deleted User] Posts: 0 Former F-Secure Employee

    Hi,

     

    I just tried to reproduce the problem on several different Vista test images here, but did not succeed. But that wasn't a suprise as the problem happens in winsxs folder, which content depends totally on what you happen to have installed on your computer.

     

    So to help us forward, could you try to see, if there are some crash reports with dumps left on you computer about the issue? To do this:

    1. Open control panel

    2. Type "problem" to seach field

    3. Open "View problem history" to see if there are any crash reports from the time this happened.

     

    and in addition check if there is c:\windows\memory.dmp file?

     

    If there are, please collect the crash dumps from the problem reports and sent to us for further analysis.

     

    And if we don't have crash reports, then this gets really complex to debug further. One bad option is to ZIP the whole winsxs -folder and sent it to us for analysis and reproducing, but unfortunately that is normally some 10G - 15GB of files (don't know really how well they even zip).

     

    Petri

     

     

  • nikols
    nikols Posts: 6 Observer

    Hi Petri!

    So I checked what you suggested and found some reports about problem regarding some driver, could this be the tp's ones? It's probably f-secure's ones because the time that the crash happend according to the report is the same when the pc was being scanned. The file is a memory.hdmp but there are some other ones, like WUDFTrace.etl and WudfHost_3268.dm.config.evtx.

    So shall I upload them? And if where exactly?

  • Tapsa
    Tapsa Posts: 82 F-Secure Employee

    We inspected the crash dumps, thank you for providing them for inspection. It turned out that the reason for the crashes is something else than our Technology Preview product. The problem also reproduced in later tests with our Technology Preview turned off.

     

    Tapio

     

This discussion has been closed.