Showing results for 
Search instead for 
Did you mean: 

ODS failures after P4 - SCAN64.EXE crashing

Hi there,

After upgrade to VSE88 P4 we are experiencing the following errors:

Log Name: Application

Source: Application Error

Date: 21/03/2014 07:45:09

Event ID: 1000

Task Category: (100)

Level: Error

Keywords: Classic

User: N/A

Computer: black_devil_666


Faulting application name: SCAN64.EXE, version:, time stamp: 0x4d2e0635

Faulting module name: ntdll.dll, version: 6.1.7601.22436, time stamp: 0x521eb03f

Exception code: 0xc0000374

Fault offset: 0x00000000000c4322

Faulting process id: 0x3850

Faulting application start time: 0x01cf44d1171ba830

Faulting application path: C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\SCAN64.EXE

Faulting module path: C:\Windows\SYSTEM32\ntdll.dll

at the time of scheduled scans - and obviously scans fail.

Windows 7p1 x64

Anyone experiencing the same issue???

We have SR 4-5457415063  open for this issue.

2 Replies
McAfee Employee wwarren
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: ODS failures after P4 - SCAN64.EXE crashing

Haven't seen any other reports of this.

Key thing here to note is, this is a process crash event. Which means, you'll be able to get a process dump of the failure - so long as it can be reproduced.

Use ProcDump from SysInternals to capture a 2nd chance exception of Scan64.exe, and to monitor for the process to start.

i.e. procdump -e -ma -w scan64.exe

The dump it creates will be of interest to us/Support.

It could be indicative of a bug in our code, or in the DAT content, or the Engine, or Windows, or in a 3rd party that has hooked the process - so, too many possibilities to go speculating on... hence the need for data.

William W. Warren | S.I.R.R. | Customer Success Group | McAfee

Re: ODS failures after P4 - SCAN64.EXE crashing

Hi there,

Have you tried to disable the prevent hooking AP rule and see if the scan finish? I have seen a similar crash when running ODS and it was this rule causing the issue.

The solution was trusting the dll injecting as per


More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community