eamon driver fault

Discussion in 'ESET Smart Security' started by someuser8, Dec 2, 2008.

Thread Status:
Not open for further replies.
  1. someuser8

    someuser8 Registered Member

    Joined:
    Dec 2, 2008
    Posts:
    9
    Is this a problem?
    Eset smart security V3.0.621.0


    PEB is paged out (Peb.Ldr = 7ffdd00c). Type ".hh dbgerr001" for details

    PEB is paged out (Peb.Ldr = 7ffdd00c). Type ".hh dbgerr001" for details

    MODULE_NAME: eamon

    FAULTING_MODULE: 804d7000 nt

    DEBUG_FLR_IMAGE_TIMESTAMP: 476b6882

    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

    FAULTING_IP:
    nt!PsGetProcessExitTime+327
    80598298 8939 mov dword ptr [ecx],edi

    TRAP_FRAME: a56cc804 -- (.trap 0xffffffffa56cc804)
    ErrCode = 00000002
    eax=e2d5ea61 ebx=e10e34f8 ecx=53000000 edx=00000000 esi=86f2f710 edi=e2d71810
    eip=80598298 esp=a56cc878 ebp=a56cc894 iopl=0 nv up ei ng nz na po nc
    cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010282
    nt!PsGetProcessExitTime+0x327:
    80598298 8939 mov dword ptr [ecx],edi ds:0023:53000000=o_Oo_O??
    Resetting default scope

    DEFAULT_BUCKET_ID: WRONG_SYMBOLS

    BUGCHECK_STR: 0x8E

    LAST_CONTROL_TRANSFER: from 805221e9 to 80537672

    STACK_TEXT:
    WARNING: Stack unwind information not available. Following frames may be wrong.
    a56cc3cc 805221e9 0000008e c0000005 80598298 nt!KeBugCheckEx+0x1b
    a56cc794 804de3f3 a56cc7b0 00000000 a56cc804 nt!IoSetFileOrigin+0x5a2f
    a56cc814 805512fa 86f2c478 86f2c488 00000000 nt!Kei386EoiHelper+0x1da
    a56cc894 80598407 e1095ed9 e2d5ea51 a56cc8cc nt!ExFreePoolWithTag+0x114
    a56cc8ac a53ad109 e10e34f8 a56cc8cc a56cc8cc nt!LpcRequestWaitReplyPort+0x15
    a56cc9f4 a53aeeb9 a56cca0c a56cca24 8569cd00 eamon+0x3109
    a56cca28 a53adb17 8569cd00 00000000 a56cca01 eamon+0x4eb9
    a56cca70 804e13c9 8576a408 85644318 85644318 eamon+0x3b17
    a56ccb60 8056d03b 872bd9e0 00000000 86edb628 nt!IofCallDriver+0x32
    a56ccbd8 80570402 00000000 a56ccc18 00000040 nt!SeDeleteAccessState+0x573
    a56ccc2c 8057c24e 00000000 00000000 00000001 nt!ObOpenObjectByName+0xda
    a56ccca8 8057c31d 00e6f83c 00100020 00e6f810 nt!SeAuditingFileEventsWithContext+0x29c
    a56ccd04 8057c4cb 00e6f83c 00100020 00e6f810 nt!IoCreateFile+0x4f
    a56ccd44 804dd98f 00e6f83c 00100020 00e6f810 nt!NtOpenFile+0x27
    a56ccd64 7c90e4f4 badb0d00 00e6f7c0 00000000 nt!KiDeliverApc+0xb9e
    a56ccd68 badb0d00 00e6f7c0 00000000 00000000 0x7c90e4f4
    a56ccd6c 00e6f7c0 00000000 00000000 00000000 0xbadb0d00
    a56ccd70 00000000 00000000 00000000 00000000 0xe6f7c0


    STACK_COMMAND: kb

    FOLLOWUP_IP:
    eamon+3109
    a53ad109 8bf0 mov esi,eax

    SYMBOL_STACK_INDEX: 5

    SYMBOL_NAME: eamon+3109

    FOLLOWUP_NAME: MachineOwner

    IMAGE_NAME: eamon.sys

    BUCKET_ID: WRONG_SYMBOLS

    Followup: MachineOwner
     
  2. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    How about trying the latest version first? (Which is 3.0.672)
     
Thread Status:
Not open for further replies.