Solved

BSOD issues Possibly related to Nod32

Posted on 2012-04-03
13
2,025 Views
Last Modified: 2013-11-22
I have been having some issues with some windows 7 machines crashing. The only link I have been able to find between the 4 computers (all running windows 7 professional) is they all had downloaded and installed Windows update :
Definition Update for Windows Defender - KB915597 (Definition 1.123.978.0)
And after the system is restarted, or signed onto, it will either BSOD on start up, or the user will be able to sign on for a short period of time, then it will BSOD and continuously restart and crash.
We have run into a similar issue before but on Windows Server 2008 R2, and we determined the issue was ESET nod32. After Removal, the servers worked fine and quit unexpectedly crashing. The same seems to be True in this case with the windows 7 machines. We have removed nod32 from the machines that were experiencing these issues, and the issue seems to be resolved.
I'm trying to look at the memory.dmp files but and having no luck opening them in windbg because it says i'm not using the correct symbols (which I downloaded and have listed in windbg symbol file path area). I was wondering If someone could possibly help me out with these and help shed some light on what the exact issue(s) is/are on these PC's and if they are all related or if each are having their own problems.
I am attaching a copy of the Memory.DMP file from one of the computer's (file extentions changed to .txt) for anyone that may be able to help.

Thank you for your time
0
Comment
Question by:sobrsu
  • 6
  • 4
  • 2
  • +1
13 Comments
 
LVL 24

Expert Comment

by:smckeown777
ID: 37803828
Maybe its me but I can't see your memory dump file?
Can you attach the minidump files? They are smaller in size, usually located in C:\Windows\Minidump...

Cheers...
0
 

Author Comment

by:sobrsu
ID: 37803880
Oh.. looks like it didn't make it because the file was to large.. I found three files. in the mini dump folder

Thanks
033012-9297-01.txt
033012-9391-01.txt
033012-9360-01.txt
0
 

Author Comment

by:sobrsu
ID: 37803891
and here are 2 more from another computer that experienced the same problem just this morning.
040312-9921-01.txt
040312-11575-01.txt
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 24

Assisted Solution

by:smckeown777
smckeown777 earned 333 total points
ID: 37803926
Based on the minidumps these BSOD's are also relating to ESET, the faulting file is listed as 'eamonm.sys' which is a file associated with ESET antivirus

Is ESET up to date with latest version?
0
 
LVL 32

Assisted Solution

by:willcomp
willcomp earned 167 total points
ID: 37803932
The faulting module on both PCs is eamonm.sys which is the NOD32 driver. Copies of the crash dump analyses are attached.
Analysis.log
Analysis1.log
0
 
LVL 32

Expert Comment

by:willcomp
ID: 37803955
@smckeown777 -- didn't mean to steal your thunder. At least we agree.
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 37803993
Not a problem sir, all here to help!
0
 

Author Comment

by:sobrsu
ID: 37804003
Wow Thanks for the quick responses. This is the list of Installed components for nod32 :

Virus signature database: 7024 (20120403)
Update module: 1040 (20120313)
Antivirus and antispyware scanner module: 1349 (20120329)
Advanced heuristics module: 1121 (20111208)
Archive support module: 1143 (20120320)
Cleaner module: 1054 (20120323)
Anti-Stealth support module: 1026 (20110628)
ESET SysInspector module: 1216 (20100517)
Self-defense support module: 1018 (20100812)
Real-time file system protection module: 1006 (20110921)

And the Version we are running is : Version 4.2.64.12

To the Best of my knowledge this is the latest (For enterprise). I know personal is at version 5, but it hasn't been released for business use which allows for a Remote Administration and Update server and all that.
Any Advice on how to proceed? Maybe just re installing NOD32?
0
 
LVL 24

Accepted Solution

by:
smckeown777 earned 333 total points
ID: 37804088
Might be the only option

Do u have enterprise support?
Might be an option to send them the same u sent here
They may be more able to help

But to get ur machines back on their feet uninstall and reinstall
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 37804105
Also u mentioned windows defender update
Possibly it and nod are in conflict?
Can u disable it maybe an see if it helps?
0
 

Author Comment

by:sobrsu
ID: 37806668
Well, on the system's that were experiencing this issue NOD32 was uninstalled. I reinstalled on one of the computer's last night, and spoke to the user this morning (who's been working on it for about 2 hours now) who said it was working fine. I found this help article on ESET's website
http://kb.eset.com/esetkb/index?page=content&id=SOLN2523&actp=search&viewlocale=en_US&searchid=1333551177321 
And it looks like the windows defender updates have caused problems in the past. I had another issue with them after trying to recreate this problem on a test machine. I installed NOD32, before anything else on a brand new Laptop running windows 7 pro x86. After I ran all windows updates and nothing happened, I opened NOD32 and there are no menu items available and a message shows saying error communicating with kernel. Just thought I'd post that to document ESET issues here.
But any way, thank you smckeown777 and willcomp. You helped me out greatly.
Capture2.PNG
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 37806715
Good info to know, glad u got sorted...
0
 

Expert Comment

by:ColinBC
ID: 37825079
I'm glad I'm not the only one that has been experiencing these freezes and crashes.  I have had 3 users at work in the past week all reported the same issues as the original poster.  All PC's effected are running Windows 7 Profession 64-bit and all have ESET NOD32.  My breakdown of the error reports pointed to ESET being a factor.  I temporarily resolved this on the first user to report the issue by completely removing ESET.  They have been 100% stable since the removal of ESET.  I still have to reinstall on that users's PC and see if the issue reappears.

Thanks for the info everyone posted here.  I'm troubleshooting 2 more PC's with this issue as I type this...
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question