Jump to content

danpritts

Members
  • Content Count

    2
  • Joined

  • Last visited

About danpritts

  • Rank
    Candidate
  1. Hi, I am using the rescue disk version 10 to scan a machine. I had previous installed Microsoft Endpoint protection on the machine, and as far as I can tell, the Kaspersky rescue disk entered an infinite loop while processing the zip file containing the Endpoint installer. It is hard to tell for sure, since the GUI doesn't show me a list of exactly what files were being scanned, but the scan was 18 hours in so I decided to start poking around. the scanner process had the zip file open for over 10 minutes before I decided to pause the scan and kill the file. I can provide the file if you like. I can be reached at my forum user name at gmail. Here is the information on the file, which was downloaded from MSDN. % shasum -a 256 ENDPOINT-CLIENT.zip fa66c3d766c8cce5b13d584f848e6473a4320bb25dc1bb6de04930636dcc7522 ENDPOINT-CLIENT.zip % unzip -l ENDPOINT-CLIENT.zip Archive: ENDPOINT-CLIENT.zip Length Date Time Name -------- ---- ---- ---- 0 05-06-15 18:51 CLIENT/ 9594 05-06-15 04:00 CLIENT/ccmsetup.cab 1740472 04-29-15 04:00 CLIENT/ccmsetup.exe 7718 04-14-15 05:47 CLIENT/EP_DefaultPolicy.xml 0 04-15-15 11:35 CLIENT/I386/ 27930624 04-14-15 07:00 CLIENT/I386/CLIENT.MSI 0 04-14-15 05:47 CLIENT/I386/dotNetFx40_Client_x86_x64.exe 1798144 04-14-15 05:47 CLIENT/I386/MicrosoftPolicyPlatformSetup.msi 0 04-14-15 05:47 CLIENT/I386/msrdcoob_x86.exe 1521152 04-14-15 05:47 CLIENT/I386/msxml6.msi 0 04-14-15 05:47 CLIENT/I386/Silverlight.exe 2707352 04-14-15 05:47 CLIENT/I386/vc50727_x86.exe 6498200 04-14-15 05:47 CLIENT/I386/vcredist_x86.exe 0 04-14-15 05:47 CLIENT/I386/wic_x86_enu.exe 543232 04-14-15 05:47 CLIENT/I386/WindowsFirewallConfigurationProvider.msi 0 04-14-15 05:47 CLIENT/I386/WindowsUpdateAgent30-x86.exe 28333200 05-06-15 17:59 CLIENT/scepinstall.exe 786432 04-14-15 05:47 CLIENT/wimgapi.msi 0 04-15-15 11:36 CLIENT/X64/ 35565568 04-14-15 07:00 CLIENT/X64/CLIENT.MSI 2265088 04-14-15 05:47 CLIENT/X64/MicrosoftPolicyPlatformSetup.msi 0 04-14-15 05:47 CLIENT/X64/msrdcoob_amd64.exe 2664960 04-14-15 05:47 CLIENT/X64/msxml6_x64.msi 3175832 04-14-15 05:47 CLIENT/X64/vc50727_x64.exe 7188536 04-14-15 05:47 CLIENT/X64/vcredist_x64.exe 0 04-14-15 05:47 CLIENT/X64/wic_x64_enu.exe 603136 04-14-15 05:47 CLIENT/X64/WindowsFirewallConfigurationProvider.msi 0 04-14-15 05:47 CLIENT/X64/WindowsUpdateAgent30-x64.exe -------- ------- 123339240 28 files
  2. Hi, DOwnloaded and ran the rescue disk today (2014-05-19). md5sum of the iso is 824a1146805ac54fccb45eaf7820f69e. hardware is a dell R520. OS is win2008r2. The rescue disk booted my system OK, and the AV scanner got about 1% into the scan. It then sat for at least an hour. I went poking around and noticed that the OS had started to swap on c:\pagefile.sys (i forget the linux path that it used, but it was pointing at that file). As soon as I did a swapoff on the file, the scanner started back up again. I don't know for sure, but presumably the scanner was having trouble locking the pagefile. Seems like a bad idea to touch the disk at all. Certainly it shouldn't be necessary when there is a ton of RAM, which my system has (32GB). thanks for making this useful tool available.
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.