On my firm, some servers started with random reboots. Event viewer reads: Event ID: 6008 The previous system shutdown at h:mm:ss AM on d/mm/yyyy was unexpected. Since Eset does not reply the questions I pose them on their support web form, I asked their resseller, and they replied him: we have discovered that the problem occurs on multiprocessor systems (mostly server editions with DC) running NOD32 with IMON enabled. The only workaround is either to disable the Hyper-threading feature in BIOS, or turn off IMON if you don't use it for checking email until we come out with a fix. since you don't use any mail client on the server, it's not risky. I estimate we will come out with a fix within next week. Not risky What do you say about this screen shot taken from my RA console (dozens of Virus alerts triggered buy module IMON)? How come Eset saying to disable IMON is not risky, when more than 95% of worm attacks are detected by IMON in my firm?