?
Solved

BSOD issues Possibly related to Nod32

Posted on 2012-04-03
13
Medium Priority
?
2,103 Views
Last Modified: 2013-11-22
I have been having some issues with some windows 7 machines crashing. The only link I have been able to find between the 4 computers (all running windows 7 professional) is they all had downloaded and installed Windows update :
Definition Update for Windows Defender - KB915597 (Definition 1.123.978.0)
And after the system is restarted, or signed onto, it will either BSOD on start up, or the user will be able to sign on for a short period of time, then it will BSOD and continuously restart and crash.
We have run into a similar issue before but on Windows Server 2008 R2, and we determined the issue was ESET nod32. After Removal, the servers worked fine and quit unexpectedly crashing. The same seems to be True in this case with the windows 7 machines. We have removed nod32 from the machines that were experiencing these issues, and the issue seems to be resolved.
I'm trying to look at the memory.dmp files but and having no luck opening them in windbg because it says i'm not using the correct symbols (which I downloaded and have listed in windbg symbol file path area). I was wondering If someone could possibly help me out with these and help shed some light on what the exact issue(s) is/are on these PC's and if they are all related or if each are having their own problems.
I am attaching a copy of the Memory.DMP file from one of the computer's (file extentions changed to .txt) for anyone that may be able to help.

Thank you for your time
0
Comment
Question by:sobrsu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 2
  • +1
13 Comments
 
LVL 24

Expert Comment

by:smckeown777
ID: 37803828
Maybe its me but I can't see your memory dump file?
Can you attach the minidump files? They are smaller in size, usually located in C:\Windows\Minidump...

Cheers...
0
 

Author Comment

by:sobrsu
ID: 37803880
Oh.. looks like it didn't make it because the file was to large.. I found three files. in the mini dump folder

Thanks
033012-9297-01.txt
033012-9391-01.txt
033012-9360-01.txt
0
 

Author Comment

by:sobrsu
ID: 37803891
and here are 2 more from another computer that experienced the same problem just this morning.
040312-9921-01.txt
040312-11575-01.txt
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 
LVL 24

Assisted Solution

by:smckeown777
smckeown777 earned 1332 total points
ID: 37803926
Based on the minidumps these BSOD's are also relating to ESET, the faulting file is listed as 'eamonm.sys' which is a file associated with ESET antivirus

Is ESET up to date with latest version?
0
 
LVL 32

Assisted Solution

by:willcomp
willcomp earned 668 total points
ID: 37803932
The faulting module on both PCs is eamonm.sys which is the NOD32 driver. Copies of the crash dump analyses are attached.
Analysis.log
Analysis1.log
0
 
LVL 32

Expert Comment

by:willcomp
ID: 37803955
@smckeown777 -- didn't mean to steal your thunder. At least we agree.
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 37803993
Not a problem sir, all here to help!
0
 

Author Comment

by:sobrsu
ID: 37804003
Wow Thanks for the quick responses. This is the list of Installed components for nod32 :

Virus signature database: 7024 (20120403)
Update module: 1040 (20120313)
Antivirus and antispyware scanner module: 1349 (20120329)
Advanced heuristics module: 1121 (20111208)
Archive support module: 1143 (20120320)
Cleaner module: 1054 (20120323)
Anti-Stealth support module: 1026 (20110628)
ESET SysInspector module: 1216 (20100517)
Self-defense support module: 1018 (20100812)
Real-time file system protection module: 1006 (20110921)

And the Version we are running is : Version 4.2.64.12

To the Best of my knowledge this is the latest (For enterprise). I know personal is at version 5, but it hasn't been released for business use which allows for a Remote Administration and Update server and all that.
Any Advice on how to proceed? Maybe just re installing NOD32?
0
 
LVL 24

Accepted Solution

by:
smckeown777 earned 1332 total points
ID: 37804088
Might be the only option

Do u have enterprise support?
Might be an option to send them the same u sent here
They may be more able to help

But to get ur machines back on their feet uninstall and reinstall
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 37804105
Also u mentioned windows defender update
Possibly it and nod are in conflict?
Can u disable it maybe an see if it helps?
0
 

Author Comment

by:sobrsu
ID: 37806668
Well, on the system's that were experiencing this issue NOD32 was uninstalled. I reinstalled on one of the computer's last night, and spoke to the user this morning (who's been working on it for about 2 hours now) who said it was working fine. I found this help article on ESET's website
http://kb.eset.com/esetkb/index?page=content&id=SOLN2523&actp=search&viewlocale=en_US&searchid=1333551177321 
And it looks like the windows defender updates have caused problems in the past. I had another issue with them after trying to recreate this problem on a test machine. I installed NOD32, before anything else on a brand new Laptop running windows 7 pro x86. After I ran all windows updates and nothing happened, I opened NOD32 and there are no menu items available and a message shows saying error communicating with kernel. Just thought I'd post that to document ESET issues here.
But any way, thank you smckeown777 and willcomp. You helped me out greatly.
Capture2.PNG
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 37806715
Good info to know, glad u got sorted...
0
 

Expert Comment

by:ColinBC
ID: 37825079
I'm glad I'm not the only one that has been experiencing these freezes and crashes.  I have had 3 users at work in the past week all reported the same issues as the original poster.  All PC's effected are running Windows 7 Profession 64-bit and all have ESET NOD32.  My breakdown of the error reports pointed to ESET being a factor.  I temporarily resolved this on the first user to report the issue by completely removing ESET.  They have been 100% stable since the removal of ESET.  I still have to reinstall on that users's PC and see if the issue reappears.

Thanks for the info everyone posted here.  I'm troubleshooting 2 more PC's with this issue as I type this...
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question