cancel
Showing results for 
Search instead for 
Did you mean: 
eyal
Level 7
Report Inappropriate Content
Message 1 of 6

Scan64 Crashing on Windows server 2012 R2

Hello

I have an issue with virus scan crashing on Server 2012. Please see below...anyone ever experienced thiss issue before?

Faulting application name: scan64.exe, version: 8.8.0.777, time stamp: 0x4d2e0635

Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336

Exception code: 0xc000009a

Fault offset: 0x00000000000ec180

Faulting process id: 0x2434

Faulting application start time: 0x01d0aed17d450bde

Faulting application path: C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scan64.exe

Faulting module path: C:\Windows\SYSTEM32\ntdll.dll

Report Id: baf3f8be-1ac4-11e5-80e8-005056bb0565

Faulting package full name:

Faulting package-relative application ID:

5 Replies
mmcgary
Level 12
Report Inappropriate Content
Message 2 of 6

Re: Scan64 Crashing on Windows server 2012 R2

Are you by chance seeing some Access Protection events around the same time similar to the following?

Blocked by Access Protection rule NT AUTHORITY\SYSTEM C:\Windows\System32\svchost.exe C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scan64.exe Common Standard ProtectionSmiley Tonguerevent termination of McAfee processes Action blocked : Terminate

wwarren
Level 15
Report Inappropriate Content
Message 3 of 6

Re: Scan64 Crashing on Windows server 2012 R2

The question is a tad too generic. What you're showing here is that the on demand scan process crashed. There could be a multitude of reasons for that.

The most productive way forward, if this issue is reproducible, is to capture a process dump of the failure.

e.g.

Procdump -ma -e -w scan64.exe

Then run the ODS.

A dump file will be created, which can be shared with Support for further investigation.

If you have reason to suspect this might be an issue we've seen in the past, the due diligent thing to do is test the behavior using our latest version + patch, 8.8 Patch 5.

William W. Warren | S.I.R.R. | Customer Success Group | McAfee
Nielsb
Level 11
Report Inappropriate Content
Message 4 of 6

Re: Scan64 Crashing on Windows server 2012 R2

If i'm correct VSE 8.8.0.777 is the 8.8 RTW version. McAfee supports Wiindows Server 2012 with VSE 8.8 Patch 3 (build number 8.8.0.1128) or higher

It's a good idea to upgrade to a higher version

mmcgary
Level 12
Report Inappropriate Content
Message 5 of 6

Re: Scan64 Crashing on Windows server 2012 R2

I was going to say something too but I checked my VSE latest version and the properties for scan64.exe were also 777.

wwarren
Level 15
Report Inappropriate Content
Message 6 of 6

Re: Scan64 Crashing on Windows server 2012 R2

Yep, there isn't enough data in the post to know which version they're using.

We only update the binary version stamp when code has changed since the last release, and, we haven't had any need to revisit the code of the ODS process since the product shipped. Seems surprising huh?

But the executable doesn't actually do much. Much of the work the ODS is does is handled by other DLLs that we load, like vsodscpl.dll.

William W. Warren | S.I.R.R. | Customer Success Group | McAfee