ESET Mail Security BSOD SBS 2008

Discussion in 'Other ESET Business Products' started by smacca20, Oct 16, 2012.

Thread Status:
Not open for further replies.
  1. smacca20

    smacca20 Registered Member

    Joined:
    Oct 16, 2012
    Posts:
    1
    Location:
    Australia
    Hi,

    I have a customer who I installed ESET MS 4.3.10025 on an SBS 2008 server, and within 24 hours it bluescreened.
    Subsequently, it happened 2 days later, and then the following day.
    Upon uninstalling ESET MS, the server is now fine.

    I am struggling to get an answer from ESET and another support team, and need some assistance.


    Crash Dump Analysis
    ________________________________________

    Crash dump directory: C:\Windows\Minidump

    Crash dumps are enabled on your computer.


    On Wed 12/09/2012 1:39:27 PM GMT your computer crashed
    crash dump file: C:\Windows\Minidump\Mini091312-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x57AD0)
    Bugcheck code: 0x4A (0x7797747A, 0x1, 0x0, 0xFFFFFA6008BBDCA0)
    Error: IRQL_GT_ZERO_AT_SYSTEM_SERVICE
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This indicates that a thread is returning to user mode from a system call when its IRQL is still above PASSIVE_LEVEL.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.


    On Wed 12/09/2012 1:39:27 PM GMT your computer crashed
    crash dump file: C:\Windows\memory.dmp
    This was probably caused by the following module: ntkrnlmp.exe (nt!KeBugCheckEx+0x0)
    Bugcheck code: 0x4A (0x7797747A, 0x1, 0x0, 0xFFFFFA6008BBDCA0)
    Error: IRQL_GT_ZERO_AT_SYSTEM_SERVICE
    Bug check description: This indicates that a thread is returning to user mode from a system call when its IRQL is still above PASSIVE_LEVEL.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.


    On Mon 10/09/2012 11:34:23 PM GMT your computer crashed
    crash dump file: C:\Windows\Minidump\Mini091112-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x57AD0)
    Bugcheck code: 0x4A (0x7771747A, 0x1, 0x0, 0xFFFFFA6009283CA0)
    Error: IRQL_GT_ZERO_AT_SYSTEM_SERVICE
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This indicates that a thread is returning to user mode from a system call when its IRQL is still above PASSIVE_LEVEL.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.


    On Sun 9/09/2012 11:14:03 PM GMT your computer crashed
    crash dump file: C:\Windows\Minidump\Mini091012-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x57AD0)
    Bugcheck code: 0x4A (0x775B747A, 0x1, 0x0, 0xFFFFFA6008FF4CA0)
    Error: IRQL_GT_ZERO_AT_SYSTEM_SERVICE
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This indicates that a thread is returning to user mode from a system call when its IRQL is still above PASSIVE_LEVEL.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.


    It was installed like any other program and no errors upon installation, and the BSOD’s stopped after uninstallation.

    Any ideas.

    Thanks
     
  2. P_R_

    P_R_ Eset Staff Account

    Joined:
    Jul 25, 2012
    Posts:
    62
    Location:
    Slovakia
    Hello,

    we would need complete (or at least kernel) memory dump and SysInspector log from affected system in order to analyze this issue.

    Could you please upload them to safe location and provide us with download details in PM?

    "Possibly this problem is caused by another driver which cannot be identified at this time" - this is caused by missing debugging symbols so we would need mentioned dump.

    Thank you.
     
Thread Status:
Not open for further replies.