IPB

Welcome Guest ( Log In | Register )

2 Pages V   1 2 >  
Reply to this topicStart new topic
> Disk Defragmenter NTFS Module
guilijan
post 29.11.2008 03:33
Post #1


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




Hi

Is there any way to avoid this in the self defense report? I have more than 45.000 of it.

Kav .506 with update problem solved rolleyes.gif
28/11/2008 16:46:11 Denied Disk Defragmenter NTFS Module Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
Go to the top of the page
 
+Quote Post
guilijan
post 29.11.2008 17:05
Post #2


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




QUOTE(guilijan @ 28.11.2008 21:33) *
Hi

Is there any way to avoid this in the self defense report? I have more than 45.000 of it.

Kav .506 with update problem solved rolleyes.gif
28/11/2008 16:46:11 Denied Disk Defragmenter NTFS Module Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe


Hi, any idea?
dash1.gif
Go to the top of the page
 
+Quote Post
Schulte
post 29.11.2008 17:35
Post #3


Gold Beta Tester
**************

Group: Moderators
Posts: 8399
Joined: 15.01.2008
From: Germany (08111000)




Hi guilijan,

'Settings->System Security->Application Filtering->Settings'. Doubleklick 'Disk Defragmenter NTFS Module', go to 'Exclusions' and check 'Do not monitor application activity'.


--------------------
XPpro x86/Win7pro x86/x64 running KIS 2015, KAV6, KES8, PURE3
Win2003R2 running KAV6 FS, Android x86 running KIS4A
Go to the top of the page
 
+Quote Post
guilijan
post 29.11.2008 19:08
Post #4


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




QUOTE(Schulte @ 29.11.2008 11:35) *
Hi guilijan,

'Settings->System Security->Application Filtering->Settings'. Doubleklick 'Disk Defragmenter NTFS Module', go to 'Exclusions' and check 'Do not monitor application activity'.


Nop, it haven't that posibility in System Security.
It's Kav .506
Today I have 21460 of this

29/11/2008 10:58:29 Denied Kaspersky Anti-Virus Modification REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default

29/11/2008 11:37:32 Denied Disk Defragmenter NTFS Module Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

There may be any way to avoid that.
I can't believe that Kav make so much or so many (I dont know what is corect) reports about this. Some must be wrong but I don´t know what.
Go to the top of the page
 
+Quote Post
guilijan
post 30.11.2008 02:20
Post #5


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world





It seems that nobody has any idea of what is happening and why.
Self-Defense (events: 44922)
and growing.

Go to the top of the page
 
+Quote Post
mbt
post 30.11.2008 03:46
Post #6


Newbie
*

Group: Members
Posts: 4
Joined: 23.11.2008




QUOTE(guilijan @ 29.11.2008 10:08) *
Nop, it haven't that posibility in System Security.
It's Kav .506
Today I have 21460 of this

29/11/2008 10:58:29 Denied Kaspersky Anti-Virus Modification REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default

29/11/2008 11:37:32 Denied Disk Defragmenter NTFS Module Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

There may be any way to avoid that.
I can't believe that Kav make so much or so many (I dont know what is corect) reports about this. Some must be wrong but I don´t know what.


Schulte should have said:
'Settings->System Security->Application Filtering->Settings'>Expand Microsoft Categoy>Scroll down to Disk Defragmenter NTFS Module> Doubleklick 'Disk Defragmenter NTFS Module', go to 'Exclusions' and check 'Do not monitor application activity'.

He also should have said to do the same for the "Disk Defragmenter" module too. I tried what he suggested and the log entries are greatly reduced to a couple hundred process start and process exit messages over a 2 minute period.

I don't understand why the Disk Defragmenter and Disk Defragmenter NTFS modules are starting up by themselves at all and can't seem to find an answer.
Go to the top of the page
 
+Quote Post
guilijan
post 30.11.2008 04:13
Post #7


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




QUOTE(mbt @ 29.11.2008 21:46) *
Schulte should have said:
'Settings->System Security->Application Filtering->Settings'>Expand Microsoft Categoy>Scroll down to Disk Defragmenter NTFS Module> Doubleklick 'Disk Defragmenter NTFS Module', go to 'Exclusions' and check 'Do not monitor application activity'.

He also should have said to do the same for the "Disk Defragmenter" module too. I tried what he suggested and the log entries are greatly reduced to a couple hundred process start and process exit messages over a 2 minute period.

I don't understand why the Disk Defragmenter and Disk Defragmenter NTFS modules are starting up by themselves at all and can't seem to find an answer.



Well if you read the post #4 I said that following that route I dont find Application filtering
System Security

Perhaps I'm doing something wrong.
Go to the top of the page
 
+Quote Post
denzilla
post 30.11.2008 06:15
Post #8


Advanced Member II
****

Group: Members
Posts: 217
Joined: 26.04.2006




Same issue here. Hundreds of entries for the defragmenter and "Host Process for Windows Services". KIS2009 .506
Go to the top of the page
 
+Quote Post
mbt
post 30.11.2008 06:19
Post #9


Newbie
*

Group: Members
Posts: 4
Joined: 23.11.2008




QUOTE(guilijan @ 29.11.2008 19:13) *
Well if you read the post #4 I said that following that route I dont find Application filtering
System Security

Perhaps I'm doing something wrong.

Sorry I misunderstood. If you don't have a "Settings" button next to the checkbox to Enable Application Filtering in the System Security settings section, then something bigger is wrong. Perhaps a reinstall might help.
Go to the top of the page
 
+Quote Post
rudger79
post 30.11.2008 07:13
Post #10


Forum Elite
**************

Group: Gold beta testers
Posts: 9122
Joined: 20.10.2008
From: Kodiak USA




Same here. I have 1000's yesterday and today. See screen shot.

Version 8.0.0.506
Windows XP Media Center SP3

Also when I click on the virus activity review, it won't load completely.

Attached File  NTSF_MOD.zip ( 242,85K ) Number of downloads: 17


--------------------
2015 Beta Test Machine specs: Windows 7 Pro x64 SP1, Real Machine (laptop), 4GB Ram No OEM stuff. My GSI Report Link

________________________________________________________________________________
1.Laptop -
Windows 7 Pro SP 1 x64 4gb - FF latest -
KIS 2015 Beta
2.Desktop -
Windows 7 Pro SP 1 x86 4gb - FF latest - KIS 2014
_______________________________________________________________________

My Kaspersky Account Kaspersky Support Ticket Request to Kaspersky Virus Lab Link to GSI Report Instructions Kaspersky Latest Product Versions
Go to the top of the page
 
+Quote Post
guilijan
post 30.11.2008 16:35
Post #11


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




Ups I'm not alone blink.gif

Just start my pc today and:

Self-Defense (events: 27840)

30/11/2008 09:20:05 Denied Kaspersky Anti-Virus Modification REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
30/11/2008 09:49:56 Denied Disk Defragmenter NTFS Module Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

There may be a explanation for that?

Go to the top of the page
 
+Quote Post
guilijan
post 30.11.2008 17:11
Post #12


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




Sorry can't edit the last post.

http://img99.imageshack.us/my.php?image=reportab3.jpg
Go to the top of the page
 
+Quote Post
JanRei
post 30.11.2008 17:33
Post #13


Gold Beta Testers
***************

Group: Moderators
Posts: 12072
Joined: 1.01.2006
From: Germany




If you want you can set up the exclusions in the trusted zone (Settings -> Threats and exclusions -> Trusted zone -> tab "Trusted applications"). The way via Application Filtering is equivalent, but works only with KIS (KAV doesn't include this component).
Go to the top of the page
 
+Quote Post
guilijan
post 30.11.2008 17:56
Post #14


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




QUOTE(JanRei @ 30.11.2008 11:33) *
If you want you can set up the exclusions in the trusted zone (Settings -> Threats and exclusions -> Trusted zone -> tab "Trusted applications"). The way via Application Filtering is equivalent, but works only with KIS (KAV doesn't include this component).


Thank you for your answer.
What are the application to add to trusted zone and where is it located?
Is it like to put the dust under the carpet?

And why Kav denied Kav action? See the picture of the report.
Its very, very crazy.

The final question is why Kav/Kis do this actions?
dash1.gif
Go to the top of the page
 
+Quote Post
rudger79
post 30.11.2008 18:16
Post #15


Forum Elite
**************

Group: Gold beta testers
Posts: 9122
Joined: 20.10.2008
From: Kodiak USA




This is what my vista 64 machine (Home premium) shows for self defense.
Attached File  Untitled.jpg ( 206,99K ) Number of downloads: 22


KAV 8.0.0.506

So should deal with this via trusted? JanRei states cannot do this with KAV? Please advise.

Thanks


--------------------
2015 Beta Test Machine specs: Windows 7 Pro x64 SP1, Real Machine (laptop), 4GB Ram No OEM stuff. My GSI Report Link

________________________________________________________________________________
1.Laptop -
Windows 7 Pro SP 1 x64 4gb - FF latest -
KIS 2015 Beta
2.Desktop -
Windows 7 Pro SP 1 x86 4gb - FF latest - KIS 2014
_______________________________________________________________________

My Kaspersky Account Kaspersky Support Ticket Request to Kaspersky Virus Lab Link to GSI Report Instructions Kaspersky Latest Product Versions
Go to the top of the page
 
+Quote Post
JanRei
post 30.11.2008 18:35
Post #16


Gold Beta Testers
***************

Group: Moderators
Posts: 12072
Joined: 1.01.2006
From: Germany




In version 8.0.0.506 self-defence was made more aggressive, which results in a higher amount of messages / report entries. In particular defragmentation tools and svchost.exe will cause such messages now when they come across the files or processes of KAV/KIS. It should be safe to define exclusions for the defrag tools, regarding svchost.exe I am not completely sure.

You can start with an exclusion for "Disk Defragmenter NTFS Module" (should be C:\WINDOWS\system32\DfrgNtfs.exe) maybe it will already help to reduce the messages.

It's always possible to define the exclusions in the trusted zone. Just the way via Application Filtering is restricted to KIS.

I don't know exactly why KAV/KIS denies itself access to the mentioned registry key. However, since it is not an unusual behaviour I would suggest to simply ignore it.
Go to the top of the page
 
+Quote Post
rudger79
post 30.11.2008 19:39
Post #17


Forum Elite
**************

Group: Gold beta testers
Posts: 9122
Joined: 20.10.2008
From: Kodiak USA




QUOTE(JanRei @ 30.11.2008 05:35) *
You can start with an exclusion for "Disk Defragmenter NTFS Module" (should be C:\WINDOWS\system32\DfrgNtfs.exe) maybe it will already help to reduce the messages.


This did the trick. Thanks.


--------------------
2015 Beta Test Machine specs: Windows 7 Pro x64 SP1, Real Machine (laptop), 4GB Ram No OEM stuff. My GSI Report Link

________________________________________________________________________________
1.Laptop -
Windows 7 Pro SP 1 x64 4gb - FF latest -
KIS 2015 Beta
2.Desktop -
Windows 7 Pro SP 1 x86 4gb - FF latest - KIS 2014
_______________________________________________________________________

My Kaspersky Account Kaspersky Support Ticket Request to Kaspersky Virus Lab Link to GSI Report Instructions Kaspersky Latest Product Versions
Go to the top of the page
 
+Quote Post
guilijan
post 30.11.2008 19:46
Post #18


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




QUOTE(JanRei @ 30.11.2008 12:35) *
In version 8.0.0.506 self-defence was made more aggressive, which results in a higher amount of messages / report entries. In particular defragmentation tools and svchost.exe will cause such messages now when they come across the files or processes of KAV/KIS. It should be safe to define exclusions for the defrag tools, regarding svchost.exe I am not completely sure.

You can start with an exclusion for "Disk Defragmenter NTFS Module" (should be C:\WINDOWS\system32\DfrgNtfs.exe) maybe it will already help to reduce the messages.

It's always possible to define the exclusions in the trusted zone. Just the way via Application Filtering is restricted to KIS.

I don't know exactly why KAV/KIS denies itself access to the mentioned registry key. However, since it is not an unusual behaviour I would suggest to simply ignore it.


Ok I did, will see in the next hours if it works.
But somebody in Moscow must take care about this problems and why it happens. It's very crazy Kav denied Kav blink.gif
Otherwise we are blocking the sun with our hands, but the sun is still shining.

Thank you JanRei
Go to the top of the page
 
+Quote Post
guilijan
post 1.12.2008 19:58
Post #19


Advanced Member II
****

Group: Members
Posts: 373
Joined: 10.06.2005
From: Ass of the world




It works for Disk Defragmenter NTFS Module.

But still Kav vs Kav warnings blink.gif
Self-Defense (events: 10)
01/12/2008 09:31:53 Denied Kaspersky Anti-Virus Modification REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default

Go to the top of the page
 
+Quote Post
JanRei
post 1.12.2008 20:44
Post #20


Gold Beta Testers
***************

Group: Moderators
Posts: 12072
Joined: 1.01.2006
From: Germany




I don't think there is much a user can do to avoid these entries, but fortunately the number of entries is not very high. I assume that Kaspersky knows about this issue and I hope they will look into it for one of the next versions. However, it probably doesn't have a high priority since it doesn't seem to be related to malfunctions or things like that.
Go to the top of the page
 
+Quote Post

2 Pages V   1 2 >
Reply to this topicStart new topic

 



Lo-Fi Version Time is now: 31.08.2014 14:15