ESS causes reboots
SBMongoos
November 17th, 2008, 11:48 AM
I would like to install ESS as I do like it. Works great on my laptop. However, when I install it on my desktop it causes problems. Right after install I'm okay but if I reboot or turn on PC after shutting down after initial install the PC simply is in a reboot loop. Once I uninstall it the problem goes away. If I install NOD32 I do not have this issue. I would like to figure this problem out.
Any ideas?
funkydude
November 17th, 2008, 11:51 AM
Sounds a bit like some compatibility issue with the firewall. Have you tried updating your NIC (Network Interface Card) drivers?
I'm assuming you're using the latest 3.0.672.0 version of ESS?
SBMongoos
November 17th, 2008, 12:16 PM
-{ Quote: "Sounds a bit like some compatibility issue with the firewall. Have you tried updating your NIC (Network Interface Card) drivers?
I'm assuming you're using the latest 3.0.672.0 version of ESS?" }-
Yes, on the version.
I'll check on the NIC but I think I have the latest already. How would this cause an issue?
I updated to a driver dated 8/2008. However the problem still exists.
agoretsky
November 18th, 2008, 03:05 AM
Hello,
Is there (or was there) other security software on your desktop computer before you installed ESET Smart Security? If so, what was it?
Regards,
Aryeh Goretsky
SBMongoos
November 18th, 2008, 09:56 AM
-{ Quote: "Hello,
Is there (or was there) other security software on your desktop computer before you installed ESET Smart Security? If so, what was it?
Regards,
Aryeh Goretsky" }-
Been using NOD32 for a while. It works fine.
agoretsky
November 18th, 2008, 06:37 PM
Hello,
There could be another application present which is conflicting with ESET Smart Security. Try downloading a copy of ESET SysInspector (http://www.eset.com/download/sysinspector.php) from ESET's web site, creating a log file and mailing it to support@eset.sk with the URL to this message thread for assistance in reviewing the log file by one of ESET's engineers.
Regards,
Aryeh Goretsky
SBMongoos
November 18th, 2008, 06:47 PM
-{ Quote: "Hello,
There could be another application present which is conflicting with ESET Smart Security. Try downloading a copy of ESET SysInspector (http://www.eset.com/download/sysinspector.php) from ESET's web site, creating a log file and mailing it to support@eset.sk with the URL to this message thread for assistance in reviewing the log file by one of ESET's engineers.
Regards,
Aryeh Goretsky" }-
Did that and never heard back. They asked for another and I stated it would be identical to the one I had just sent and that was the end of the support.
Nice.
agoretsky
November 18th, 2008, 07:18 PM
Hello,
Just to confirm, did you send it to eset.com or eset.sk?
Regards,
Aryeh Goretsky
-{ Quote: "Did that and never heard back. They asked for another and I stated it would be identical to the one I had just sent and that was the end of the support.
Nice." }-
SBMongoos
November 18th, 2008, 08:09 PM
-{ Quote: "Hello,
Just to confirm, did you send it to eset.com or eset.sk?
Regards,
Aryeh Goretsky" }-
Looks like:
ESET Customer Care [mailto:ccreply@eset.com]
agoretsky
November 18th, 2008, 09:20 PM
Hello,
Please try contacting ESET's technical support department using the other email address.
Regards,
Aryeh Goretsky
SBMongoos
November 19th, 2008, 10:39 AM
-{ Quote: "Hello,
Please try contacting ESET's technical support department using the other email address.
Regards,
Aryeh Goretsky" }-
Actually, there's already an open ticket but it's been open forever it seems. Apparently they don't have any ideas. I'm also working with a VAR of theirs that's been trying to get them to respond as well.
>:(
agoretsky
November 19th, 2008, 01:45 PM
Hello,
I've asked ESET's support department to escalate the issue.
Regards,
Aryeh Goretsky
SBMongoos
November 19th, 2008, 01:53 PM
-{ Quote: "Hello,
I've asked ESET's support department to escalate the issue.
Regards,
Aryeh Goretsky" }-
Thanks! But, how do they know who I am?
agoretsky
November 19th, 2008, 02:01 PM
Hello,
They will probably ask you via the private messaging subsystem of the forum software.
Regards,
Aryeh Goretsky
-{ Quote: "Thanks! But, how do they know who I am?" }-
unclejohn
November 20th, 2008, 12:11 PM
Hi SBMongoos, can I have a look at the sysinspector-log? Or if you like to, you can contact me directly using PM. No tickets, no proxies, just direct cooperative help from HQ ;)
Jan Balaz
------------------------------
Technical Support Department
------------------------------
ESET, spol. s r. o.
Aupark Tower, 16th floor
Einsteinova 24
851 01 Bratislava
Slovak Republic
------------------------------
www.eset.eu
SBMongoos
November 23rd, 2008, 08:38 PM
-{ Quote: "Hi SBMongoos, can I have a look at the sysinspector-log? Or if you like to, you can contact me directly using PM. No tickets, no proxies, just direct cooperative help from HQ ;)
Jan Balaz
------------------------------
Technical Support Department
------------------------------
ESET, spol. s r. o.
Aupark Tower, 16th floor
Einsteinova 24
851 01 Bratislava
Slovak Republic
------------------------------
www.eset.eu" }-
Left you a PM the other day.
SBMongoos
November 24th, 2008, 07:36 PM
-{ Quote: "Hi SBMongoos, can I have a look at the sysinspector-log? Or if you like to, you can contact me directly using PM. No tickets, no proxies, just direct cooperative help from HQ ;)
Jan Balaz
------------------------------
Technical Support Department
------------------------------
ESET, spol. s r. o.
Aupark Tower, 16th floor
Einsteinova 24
851 01 Bratislava
Slovak Republic
------------------------------
www.eset.eu" }-
Bump
Check your PM.
unclejohn
November 24th, 2008, 10:38 PM
I'm back again, sorry for the delay, please check your PM-inbox.
SBMongoos
November 30th, 2008, 02:20 AM
Any news on the log file?
unclejohn
December 2nd, 2008, 05:39 PM
I've been out of office for a while, sorry. Here is what I have until now:
- You are running tons of software on your computer (which makes analysis really demanding), and some of the programs operate background processes that might interfere with functions of ESS
- Here is a list of conflicting candidates, descending severity:
1. AdAware with running AdWatch/RegShield
2. SuperAntiSpyware
3. iTunes + Quicktime + Bonjour service
4. WindowBlinds
5. Symantec pcAnywhere
6. PowerAlert
7. YahooWidgets
8. Acronis Suite
- In my testing environment, the aforesaid list together with jre-6-update7 (required for PowerAlert) allowed ESS to install, but the subsequent attempt to update ESS (usually started after reboot) resulted in frozen computer
- Your \WINDOWS\system32\drivers\etc\hosts shows many garbage entries - is it possible, that your computer was recently or still is infected?
- If your computer was locked in an endless rebooting cycle after installing ESS, then how did you succeed in creating a sysinspector-log, where I can see the ESS-kernel together with ESS-gui running?
- I would preemptively recommend to update your flash card reader drivers
- Have you been using SpyBot-S&D in the past? Did you remove it completely, or are you still running this software?
- Is it possible, that you were previously using the NOD32fix to hack the trial version?
SBMongoos
December 2nd, 2008, 11:26 PM
1-8 are all running on my laptop and ESS runs fine on my laptop.
As for the HOSTS file I understand that Spybot is making additions by blocking sites via adding this info to the HOSTS file. When I look at the ends of the long lists in the HOSTS file it says "# End of entries inserted by Spybot - Search & Destroy".
As for rebooting and the Sysinspector log. I uninstalled ESS in Safe Mode and then installed NOD32 to have something in place, then ran the Sysinspector. I have a license.
Flash card driver update - that would help?
As for a log with ESS and the GUI - not sure how to pull that off. I guess I could install ESS again and then run the Sysinspector right away and not reboot if asked. Then uninstall in Safe Mode, yada yada - fun fun.
Using Spybot S&D. I update it and run it manually.
unclejohn
December 4th, 2008, 12:22 AM
- You say, you replaced ESS crashing your system with NOD32 "to have something in place". Does it mean, just for clarification, that ESET NOD32 Antivirus v.3.0 runs fine on your computer?
- If you are convinced, that your software-combination should not really be a source of conflicts, then we will need to inspect the full memory-dump right after ESS invokes the restart. Please verify, that your settings are like the attached image shows. Install ESS (latest version = 3.0.672.0), wait for the crash and let it create the dump-file. Then compress it (rar, zip, 7zip, ...) and upload it to our ftp. I will forward the ftp-site credentials, once the file is ready. Thanks.
SBMongoos
December 4th, 2008, 01:06 AM
"- You say, you replaced ESS crashing your system with NOD32 "to have something in place". Does it mean, just for clarification, that ESET NOD32 Antivirus v.3.0 runs fine on your computer?"
Correct, I have no issues with NOD32 on my desktop, just ESS.
I'm not necessarily convinced to rule out the software. The system with this problem and the one running ESS without issue are very similar in regards to what is installed.
Currently, my system is set to dump the pagefile. Is that a problem with trying your method to get the "dump-file"?
unclejohn
December 4th, 2008, 02:18 AM
Fine, then we can narrow the problem to the firewall-modules. Nevermind, regarding the dump-settings, it's important, that the "Automatically restart"-option is unchecked and creating a full memory-dump is critical. Mini-, or kernel-dump is insufficient. Uncompressed, it should have the size of your entire operating memory.
SBMongoos
December 4th, 2008, 10:59 AM
-{ Quote: "Fine, then we can narrow the problem to the firewall-modules. Nevermind, regarding the dump-settings, it's important, that the "Automatically restart"-option is unchecked and creating a full memory-dump is critical. Mini-, or kernel-dump is insufficient. Uncompressed, it should have the size of your entire operating memory." }-
So it's clear is this what you want me to do:
Uninstall NOD32 and then reinstall ESS
Uncheck the Automatically Restart option
This will create the log you want
Like I mentioned the PageFile is set to dump when I shut down. Will this be a problem for this process?
I'll need to switch back to NOD32 to not get stuck in the boot loop.
What will be the name of this log so I can find it? I assume it will be sitting at the root directory.
unclejohn
December 5th, 2008, 12:42 AM
First of all you need to turn off the "Automatic restart" and have the size of the dump-file set to "complete". Then you can uninstall NOD32 and install the faulting ESS. You will find the memory-dump, once it's created upon crashing of operating system, under c:\windows\memory.dmp
Do you mean deleting your pagefile before shutdown when talking about dumping it?
SBMongoos
December 5th, 2008, 10:16 AM
-{ Quote: "First of all you need to turn off the "Automatic restart" and have the size of the dump-file set to "complete". Then you can uninstall NOD32 and install the faulting ESS. You will find the memory-dump, once it's created upon crashing of operating system, under c:\windows\memory.dmp
Do you mean deleting your pagefile before shutdown when talking about dumping it?" }-
Right. While back I read where it makes sense to purge the PageFile. Takes longer to shutdown but it clears it. Wanted to find out if this will mess up the memory.dmp file or not???
Been a while since I set this up, see here: http://support.microsoft.com/kb/314834
unclejohn
December 6th, 2008, 02:48 AM
Good, that you started the question - yes, you should disable this feature.
SBMongoos
December 6th, 2008, 12:51 PM
Not getting a Memory.dmp file after having done this. Interestingly enough I am now getting a BSOD. This may be a coincidence as I'm also trying to work with some RAM memory. However, this RAM has all been used in this PC in the past and always worked fine. Same setup.
Info about the BSOD:
DRIVER_IRQL_NOT_LESS_OR_EQUAL
STOP:
0X00000D1 0X0000002 0X0000000 0X000000A
I did find the following info at a forum:
Stop 0x000000D1 or DRIVER_IRQL_NOT_LESS_OR_EQUAL
The Stop 0xD1 message indicates that the system attempted to access pageable memory using a kernel process IRQL that was too high. Drivers that have used improper addresses typically cause this error.
Interpreting the Message
This Stop message has four parameters:
Memory referenced.
IRQL at time of reference.
Type of access (0x00000000 = read operation, 0x00000001 = write operation).
Address that referenced memory.
Resolving the Problem
For additional troubleshooting suggestions that apply to all Stop errors, see "Stop Message Checklist" later in this appendix.
Stop 0xD1 messages can occur after installing faulty drivers or system services. If a driver is listed by name, disable, remove, or roll back that driver to confirm that this resolves the error. If so, contact the manufacturer about a possible update. Using updated software is especially important for backup programs, multimedia applications, antivirus scanners, DVD playback, and CD mastering tools.
For more information about Stop 0xD1 messages, see the Microsoft Knowledge Base link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources. Search using keywords winnt, 0x000000D1, and 0xD1.
Updated and compatible drivers are very important when running XP. Check your hardware with the HCL www.microsoft.com/hcl If your hardware is not on the list it does not mean it won't work, it just means it hasn't been tested by Microsoft and they won't guarantee it to be compatible. If it's not on the list, check the manufacturer's website for an up to date XP driver; if they don't have one you may be out of luck. This goes for motherboards and the BIOS too.
****
I don't believe the RAM is having any impact on this situation. I believe it's a driver issue with ESS and something else. I've updated my network driver (onboard NIC) about two weeks ago. But obviously this didn't have any impact.
Hmmm..
Where to go from here?
unclejohn
December 9th, 2008, 09:47 AM
Hi,
you now can see the bluescreen, as we set it to appear, and not to restart immediately ("Automatic restart"-option). The bluescreen shows a number indicating the progress of saving (see image below) - if there is no such a number rising up to 100, then there is something wrong with the settings. Either you have the pagefile set as too small, or the dump-type is not correct. Regarding the memory - every time you turn on your computer, you necessarily have to work with your RAM a lot - this is given by technology.
SBMongoos
December 9th, 2008, 10:31 AM
No issues with RAM as I stated. I've been working with OCZ to gain back a low CL setting. When I upgraded from 1G to 2G it dropped. So they sent me another 2G kit to try. Otherwise the RAM has been fine. Currently a 1G kit is installed with a fixed pagefile size of just over 1.5G (1.5 x 1).
Do you recommend that I put a 2G kit back in and try it?
I've already changed the settings back for the dump file. I have the pagefile set on drive D: (for performance), I assume that is not an issue or does it at least need to be on drive C: to have room to dump the file??
unclejohn
December 9th, 2008, 12:59 PM
No, I think you can keep the current memory size (= 1 G), but should set the pagefile to "system managed" (don't forget to press the "Set"-button). I see no problem with having the pagefile stored on drive D: but it should be a drive or partition visible to the operating system in safe-mode or recovery console as well - i.e. not an external usb-drive or other device, that would require third party drivers to run.
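The dump prerequisites that come up over the course of this thread (automatic restart off, complete memory dump, no pagefile clearing at shutdown, system-managed pagefile) can be checked from `reg query` output of the CrashControl and Memory Management keys instead of screenshots. The following is an added example, not part of the original thread or ESET's tooling. The sample output is constructed, the function names are hypothetical, and the boot-volume pagefile check follows Microsoft's documented requirement for complete dumps on Windows XP rather than anything stated in the thread.

```python
import re

# Constructed sample of `reg query` output (not from the thread): automatic
# restart on, kernel dump selected, pagefile cleared at shutdown, fixed-size
# pagefile on D: only.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl
    AutoReboot    REG_DWORD    0x1
    CrashDumpEnabled    REG_DWORD    0x2
    DumpFile    REG_EXPAND_SZ    %SystemRoot%\MEMORY.DMP

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
    ClearPageFileAtShutdown    REG_DWORD    0x1
    PagingFiles    REG_MULTI_SZ    D:\pagefile.sys 1536 1536\0\0
"""

VALUE_RE = re.compile(r"^\s+(\S+)\s+(REG_\w+)\s+(.*)$")
DUMP_TYPES = {0: "none", 1: "complete", 2: "kernel", 3: "small (minidump)"}


def parse_reg_query(text):
    """Return {value_name: data}; REG_DWORD data is converted to int."""
    values = {}
    for line in text.splitlines():
        m = VALUE_RE.match(line)  # key-path lines are not indented, so they are skipped
        if m:
            name, kind, data = m.groups()
            values[name] = int(data, 16) if kind == "REG_DWORD" else data.strip()
    return values


def audit_dump_settings(text, system_drive="C:"):
    """List the settings that block a complete memory dump; empty list = ready."""
    v = parse_reg_query(text)
    findings = []
    if v.get("AutoReboot", 1) != 0:
        findings.append("Automatically restart is enabled")
    dump = v.get("CrashDumpEnabled", 0)
    if dump != 1:
        findings.append("dump type is %s, not complete" % DUMP_TYPES.get(dump, dump))
    if v.get("ClearPageFileAtShutdown", 0) != 0:
        findings.append("pagefile is cleared at shutdown (KB 314834 setting)")
    # REG_MULTI_SZ entries are printed separated by a literal \0
    entries = [e for e in v.get("PagingFiles", "").split(r"\0") if e.strip()]
    if not entries:
        findings.append("no pagefile configured")
    for entry in entries:
        path, _, sizes = entry.strip().partition(" ")
        if sizes.split() not in ([], ["0", "0"]):  # "0 0" = system managed on XP
            findings.append("pagefile %s has a fixed size, not system managed" % path)
    if entries and not any(e.strip().upper().startswith(system_drive) for e in entries):
        findings.append("no pagefile on %s (the dump is written through the "
                        "pagefile on the boot volume)" % system_drive)
    return findings


if __name__ == "__main__":
    for finding in audit_dump_settings(SAMPLE):
        print("FIX:", finding)
```

The input is the text produced by `reg query "HKLM\SYSTEM\CurrentControlSet\Control\CrashControl"` and the same command for `...\Control\Session Manager\Memory Management`, concatenated.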
SBMongoos
December 9th, 2008, 03:47 PM
Okay, so I'll start the process over again. I should be able to get it knocked out this afternoon unless I have an interruption.
n1brvfan
December 9th, 2008, 04:25 PM
I am having the exact same issue with BSOD, but mine is pointing at epfwtdi.sys as the culprit of my mini-dumps. Just gonna be a fly on the wall while you work with SBMongoos, Unclejohn, unless you know what the problem might be. I just recently switched from Kaspersky where there was no BSOD issue. BSOD will happen on all OS's I have installed and I have the latest and greatest MS approved drivers for all devices.
System components are as follows:
Motherboard
ASUS Formula RAMPAGE
Processor
Intel Core 2 Extreme QX9650
Memory
TWIN2X4096-8500C5DF
Video
Card # 1 BFG 8800GTX
Card # 2 BFG 8800GTX
HD's
Hard Drive # 1 WD VelociRaptor 150 GB (WD1500BLFS)
Hard Drive # 2 Maxtor 100 GB (6 L100M0)
Hard Drive # 3 Maxtor OneTouch 600 GB
Optical
Drive # 1 SONY DRU-840A
Case
ThermalTake VE2000BWS
Power Supply
XION-1000R14HE
Sound Card
SupremeFX II Audio
Monitor
SAMSUNG SyncMaster 2693HM
Operating System
Windows XP (32 bit)
Vista Home Premium (32 bit)
Windows Vista Ultimate (64 bit)
Thanks in advance,
n1brvfan
SBMongoos
December 9th, 2008, 07:00 PM
Nice system n1brvfan! I've been building my own as well but have been going for about 3.5 years or so. Been thinking about building another but don't need to build a gaming PC. Starting to consider my options but if I do I want to watch the $$ this time around.
SBMongoos
December 11th, 2008, 04:56 PM
-{ Quote: "No, I think you can keep the current memory size (= 1 G), but should set the pagefile to "system managed" (don't forget to press the "Set"-button). I see no problem with having the pagefile stored on drive D: but it should be a drive or partition visible to the operating system in safe-mode or recovery console as well - i.e. not an external usb-drive or other device, that would require third party drivers to run." }-
Well, I've done as requested and the results are the same. I put 2G of RAM back in to be sure and it's System Managed. Get the BSOD but no counter saving off a Dump File and no file saved. Do I need to wait for some period of time before I see the status of the file creation complete (% wise that is)?? I checked the settings under Startup and Recovery and they are: Automatically Restart is "unchecked", Write debugging information is "complete memory dump".
SBMongoos
December 13th, 2008, 12:46 AM
I wasn't confident that ESS v4 Beta would work either but I tried it and had the same results as above.
Let me know if you have any ideas unclejohn.
unclejohn
December 16th, 2008, 06:10 AM
Honestly, this is really strange. I've done lots of brainstorming, asked the chief of R&D, but we cannot imagine a situation, when windows would fail to create the dump. It's a very basic feature of a healthy system, once the settings are properly tweaked. Remote advice is a hard job here, but please send me the screenshots of your settings (Startup&Recovery dialogue, Performance->Advanced->VirtualMemory window), maybe I can see something that you've missed. Optionally try to create the "Kernel memory dump" at least, let's see if this makes a difference. Try to search your entire drive, if the MEMORY.DMP-file is not "hiding" somewhere, where you would not expect it, just to make sure.
SBMongoos
December 20th, 2008, 02:23 AM
unclejohn: well to my disappointment I've run into a bigger problem. After testing different RAM and working out a warranty issue with OCZ I think my mb crapped out. May have been a static charge I'm not sure.
At this point my PC sits partially pulled apart. Bummed about this as the timing with $$. Not sure I want to bother fixing a 4 year old PC. The machine had been working great. OCZ was finally following up on a very long overdue warranty issue. Not a big thing but just some RAM that was not hitting a certain CL setting.
At this point I'm trying to determine if I want to get a 478 model mb or just do major upgrades. Either way I see a fresh OS install, etc. At that point I will be loading ESS and see if it will work. Perhaps the conflict won't come up. Not sure when this will be however.
Thanks for your help...