ESET NOD hard-lock (v4.2.67.10)

Discussion in 'ESET NOD32 Antivirus' started by Carbonyl, Jan 4, 2011.

Thread Status:
Not open for further replies.
  1. Carbonyl

    Carbonyl Registered Member

    Joined:
    May 19, 2009
    Posts:
    256
    Hi everyone,

    I've just had a rather disturbing event transpire that's never happened at all: My entire system (Running Windows 7 x64) completely hard-locked on me for several moments. Eventually I regained control, but investigating my system logs and looking at ESET revealed that NOD had crashed horribly, and restarted itself.

    I've never had NOD crash on me before, though I admit that in the last three weeks I've upgraded from an earlier version of 4.X to 4.2.67.10.

    Is this indicative of my being infected with anything? Did something kill NOD so it could play nasty games? I was running Opera at the time, but it was operating inside Sandboxie.

    My NOD information is as follows:

    Code:
    Virus signature database: 5758 (20110104)
    Update module: 1031 (20091029)
    Antivirus and antispyware scanner module: 1293 (20101110)
    Advanced heuristics module: 1115 (20101116)
    Archive support module: 1123 (20101108)
    Cleaner module: 1050 (20101207)
    Anti-Stealth support module: 1023 (20101125)
    SysInspector module: 1217 (20100907)
    Self-defense support module : 1018 (20100812)
    Real-time file system protection module: 1004 (20100727)
    In the event viewer, during the crashes, I see:

    Code:
    Faulting application name: ekrn.exe, version: 4.2.67.10, time stamp: 0x4cd2d774
    Faulting module name: ntdll.dll, version: 6.1.7600.16559, time stamp: 0x4ba9b29c
    Exception code: 0xc0000005
    Fault offset: 0x0002e1fe
    Faulting process id: 0x604
    Faulting application start time: 0x01cbac18b8b782b0
    Faulting application path: C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    Faulting module path: C:\Windows\SysWOW64\ntdll.dll
    Report Id: f75fa3f0-180c-11e0-822a-001fbc01945b
    And

    Code:
    Fault bucket , type 0
    Event Name: APPCRASH
    Response: Not available
    Cab Id: 0
    
    Problem signature:
    P1: ekrn.exe
    P2: 4.2.67.10
    P3: 4cd2d774
    P4: ntdll.dll
    P5: 6.1.7600.16559
    P6: 4ba9b29c
    P7: c0000005
    P8: 0002e1fe
    P9: 
    P10: 
    
    Attached files:
    C:\Windows\Temp\WERD2F2.tmp.appcompat.txt
    C:\Windows\Temp\WERD380.tmp.WERInternalMetadata.xml
    C:\Windows\Temp\WERD381.tmp.hdmp
    C:\Windows\Temp\WERD44D.tmp.mdmp
    
    These files may be available here:
    C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_ekrn.exe_5cafdb419b39a302b95eedcc5235e7e1e346185_cab_053ad498
    
    Analysis symbol: 
    Rechecking for solution: 0
    Report Id: f75fa3f0-180c-11e0-822a-001fbc01945b
    Report Status: 4
    Any help with this would be appreciated. I'm not sure if this is something seriously wrong, and I need to panic about infection, or if it's just a fluke, and everything is OK. Thanks.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    This has already been discussed here, please the posts at the end. To keep this issue discussed in one thread, we'll draw this one to a close.
     
Thread Status:
Not open for further replies.