ESET NOD hard-lock (v4.2.67.10)

Hi everyone,

I've just had a rather disturbing event transpire that's never happened at all: My entire system (Running Windows 7 x64) completely hard-locked on me for several moments. Eventually I regained control, but investigating my system logs and looking at ESET revealed that NOD had crashed horribly, and restarted itself.

I've never had NOD crash on me before, though I admit that in the last three weeks I've upgraded from an earlier version of 4.X to 4.2.67.10.

Is this indicative of my being infected with anything? Did something kill NOD so it could play nasty games? I was running Opera at the time, but it was operating inside Sandboxie.

My NOD information is as follows:

Code:

Virus signature database: 5758 (20110104)
Update module: 1031 (20091029)
Antivirus and antispyware scanner module: 1293 (20101110)
Advanced heuristics module: 1115 (20101116)
Archive support module: 1123 (20101108)
Cleaner module: 1050 (20101207)
Anti-Stealth support module: 1023 (20101125)
SysInspector module: 1217 (20100907)
Self-defense support module : 1018 (20100812)
Real-time file system protection module: 1004 (20100727)

In the event viewer, during the crashes, I see:

Code:

Faulting application name: ekrn.exe, version: 4.2.67.10, time stamp: 0x4cd2d774
Faulting module name: ntdll.dll, version: 6.1.7600.16559, time stamp: 0x4ba9b29c
Exception code: 0xc0000005
Fault offset: 0x0002e1fe
Faulting process id: 0x604
Faulting application start time: 0x01cbac18b8b782b0
Faulting application path: C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: f75fa3f0-180c-11e0-822a-001fbc01945b

And

Code:

Fault bucket , type 0
Event Name: APPCRASH
Response: Not available
Cab Id: 0

Problem signature:
P1: ekrn.exe
P2: 4.2.67.10
P3: 4cd2d774
P4: ntdll.dll
P5: 6.1.7600.16559
P6: 4ba9b29c
P7: c0000005
P8: 0002e1fe
P9: 
P10: 

Attached files:
C:\Windows\Temp\WERD2F2.tmp.appcompat.txt
C:\Windows\Temp\WERD380.tmp.WERInternalMetadata.xml
C:\Windows\Temp\WERD381.tmp.hdmp
C:\Windows\Temp\WERD44D.tmp.mdmp

These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_ekrn.exe_5cafdb419b39a302b95eedcc5235e7e1e346185_cab_053ad498

Analysis symbol: 
Rechecking for solution: 0
Report Id: f75fa3f0-180c-11e0-822a-001fbc01945b
Report Status: 4

Any help with this would be appreciated. I'm not sure if this is something seriously wrong, and I need to panic about infection, or if it's just a fluke, and everything is OK. Thanks.

 

This has already been discussed here, please the posts at the end. To keep this issue discussed in one thread, we'll draw this one to a close.