Recurring BSODs point to eamon.sys

I was encouraged to post these problems to see if a potential solution is available. Any help would be great.

Had three BSODs in the last couple months. Didn't know what to do with them until today. The first and second pointed to eamon.sys. Today's dump cited pool_corruption. I suspect that this error might still be from the eamon.sys, but didn't get far enough to dump the actual problem.

I am running ESET NOD32 v3.0.657.0

Here is the dump analyzer:
Loading Dump File [C:\WINDOWS\Minidump\Mini020409-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

WARNING: Whitespace at end of path element
WARNING: Whitespace at end of path element
Symbol search path is: srv*C:\Symbols*http://msdl.microsoft.com/download/symbols




Executable search path is: c:\windows\i386
Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp3_gdr.080814-1236
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720
Debug session time: Wed Feb 4 21:25:06.303 2009 (GMT-
System Uptime: 0 days 0:01:58.896
Loading Kernel Symbols
...............................................................
................................................................
...........
Loading User Symbols
Loading unloaded module list
..........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {20, e238e7b9, e238e7d9, c041708}

*** WARNING: Unable to verify timestamp for eamon.sys
*** ERROR: Module load completed but symbols could not be loaded for eamon.sys
Unable to load image easdrv.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for easdrv.sys
*** ERROR: Module load completed but symbols could not be loaded for easdrv.sys
Probably caused by : eamon.sys ( eamon+3cae )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 00000020, a pool block header size is corrupt.
Arg2: e238e7b9, The pool entry we were looking for within the page.
Arg3: e238e7d9, The next pool entry.
Arg4: 0c041708, (reserved)

Debugging Details:
------------------


BUGCHECK_STR: 0x19_20

POOL_ADDRESS: e238e7b9

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: ekrn.exe

LAST_CONTROL_TRANSFER: from 8054b583 to 804f9f43

STACK_TEXT:
a4065564 8054b583 00000019 00000020 e238e7b9 nt!KeBugCheckEx+0x1b
a40655b4 b9d3ab4b e238e7c1 00000000 b9d36198 nt!ExFreePoolWithTag+0x2a3
a40655c0 b9d36198 002fa800 00000000 cdefa900 Ntfs!NtfsCommonCreate+0x1563
a40657c4 b9d37f2d 89a13c18 88924c88 a406581c Ntfs!NtfsCommonCreate+0x14c0
a40658a8 804ef19f 8a5c6020 88924c88 8897c0f8 Ntfs!NtfsFsdCreate+0x1dc
a40658b8 b9de4876 88f15870 8a5bb7d0 89a14c60 nt!IopfCallDriver+0x31
a4065904 804ef19f 8a621918 00000001 00000000 sr!SrCreate+0x150
a4065914 a5577cae 88924c98 88e33f38 8897c0f8 nt!IopfCallDriver+0x31
WARNING: Stack unwind information not available. Following frames may be wrong.
a4065948 804ef19f 000006f4 88924c88 88924c88 eamon+0x3cae
a4065958 805831fa 8a5ceb80 88a81274 a4065af0 nt!IopfCallDriver+0x31
a4065a38 805bf450 8a5ceb98 00000000 88a811d0 nt!IopParseDevice+0xa12
a4065ab0 805bb9dc 00000000 a4065af0 00000040 nt!ObpLookupObjectName+0x53c
a4065b04 80576033 00000000 00000000 a14ba801 nt!ObOpenObjectByName+0xea
a4065b80 805769aa 0479d4d8 80100080 0479d4f4 nt!IopCreateFile+0x407
a4065bdc b289c739 0479d4d8 80100080 0479d4f4 nt!IoCreateFile+0x8e
a4065c1c b289ca55 0479d440 a4b4d407 89067ed0 easdrv+0x2739
a4065c5c 80580487 88e88400 00000001 0479d440 easdrv+0x2a55
a4065d00 80579274 00000190 00000000 00000000 nt!IopXxxControlFile+0x255
a4065d34 8054162c 00000190 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
a4065d34 7c90e4f4 00000190 00000000 00000000 nt!KiFastCallEntry+0xfc
0479d3f0 00000000 00000000 00000000 00000000 0x7c90e4f4


STACK_COMMAND: kb

FOLLOWUP_IP:
eamon+3cae
a5577cae ??

SYMBOL_STACK_INDEX: 8

SYMBOL_NAME: eamon+3cae

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: eamon

IMAGE_NAME: eamon.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 480f2fc9

FAILURE_BUCKET_ID: 0x19_20_eamon+3cae

BUCKET_ID: 0x19_20_eamon+3cae

Followup: MachineOwner
---------

 

First of all, please install the latest version of EAV 3.0.684 and restart the computer. Should the problem persist, we'll need to get a kernel or complete memory dump.

 

Checking back after updrading to version 3.0.684.

Got another BSOD. This one also points to eamon.sys. I had changed the dump to a kernel memory dump, per your suggestion. How do I get that to you?

Also, just to I ran MemTest over night a couple weeks ago. 12 passes and no errors.

 

It's not your memory, its ESET's software. I got it all the time too with V4. Had to go back to V3, as I wait with thousands of others from word on an updated/fixed version of V4.