Posts posted by MilkyMeda

  1. 22 hours ago, Marcos said:

    Please continue as follows:

    - configure Windows to generate complete memory dumps as per https://support.eset.com/kb380/
    - restart Windows and reproduce BSOD
    - after a restart, compress the memory dump, upload it to a safe location (e.g. Dropbox, OneDrive, etc.)
    - collect logs with ELC and upload the generated archive
    - drop me a message with both download links.

    Here are the Minidump files:

    https://1drv.ms/u/s!Am0esqMQ79E1niBJ9CL_4hL2sL21.

    I've uninstalled ESET due to this issue. So I didn't collect any logs with ELC.

  2. 90% of the time I'm getting a BSOD at Windows login since the last 17063 Build. I've checked the Minidump and it's apparently caused by ESET. I'm using Windows 10 Insider Preview and that's probably why it's happening :) Here is the information if anyone cares:

    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 0000000000000010, memory referenced
    Arg2: 0000000000000002, IRQL
    Arg3: 0000000000000000, bitfield :
    	bit 0 : value 0 = read operation, 1 = write operation
    	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: fffff8018e7d5c88, address which referenced memory
    
    Debugging Details:
    ------------------
    
    TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2
    
    READ_ADDRESS: unable to get nt!MmSpecialPoolStart
    unable to get nt!MmSpecialPoolEnd
    unable to get nt!MmPagedPoolEnd
    unable to get nt!MmNonPagedPoolStart
    unable to get nt!MmSizeOfNonPagedPoolInBytes
     0000000000000010 
    
    CURRENT_IRQL:  2
    
    FAULTING_IP: 
    nt!IopInsertRemoveDevice+5c
    fffff801`8e7d5c88 488b01          mov     rax,qword ptr [rcx]
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
    
    BUGCHECK_STR:  AV
    
    PROCESS_NAME:  services.exe
    
    TRAP_FRAME:  fffff60d18698710 -- (.trap 0xfffff60d18698710)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000010
    rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff8018e7d5c88 rsp=fffff60d186988a0 rbp=fffff60d18698950
     r8=0000000000000000  r9=ffffe380dc4c1910 r10=0000000000000000
    r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei pl nz na po cy
    nt!IopInsertRemoveDevice+0x5c:
    fffff801`8e7d5c88 488b01          mov     rax,qword ptr [rcx] ds:00000000`00000010=????????????????
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from fffff8018e859c29 to fffff8018e84dc00
    
    STACK_TEXT:  
    fffff60d`186985c8 fffff801`8e859c29 : 00000000`0000000a 00000000`00000010 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
    fffff60d`186985d0 fffff801`8e857e16 : 00000000`00000000 00000000`00000000 fffff801`8e991eb8 ffffd20b`e3d6b5d0 : nt!KiBugCheckDispatch+0x69
    fffff60d`18698710 fffff801`8e7d5c88 : ffffd20b`00000000 ffffd20b`e39084b0 ffffd20b`ef14ea60 ffffd20b`e86793f0 : nt!KiPageFault+0x256
    fffff60d`186988a0 fffff801`8e7d5af9 : 00000000`00000000 ffffd20b`e86793f0 00000000`0000001a fffff801`00000000 : nt!IopInsertRemoveDevice+0x5c
    fffff60d`186988d0 fffff801`8e7d58b6 : 00000000`00000000 ffffd20b`ef0b3400 ffffd20b`ef14ea60 ffffd20b`ef0b34b0 : nt!IopCompleteUnloadOrDelete+0x99
    fffff60d`18698990 fffff80e`c4371cd8 : ffffd20b`e6cfc078 00000000`00000000 00000000`00000000 ffffd20b`e6cfc078 : nt!IoDeleteDevice+0x76
    fffff60d`186989c0 ffffd20b`e6cfc078 : 00000000`00000000 00000000`00000000 ffffd20b`e6cfc078 ffffd20b`e6cfc078 : em018k_64+0x21cd8
    fffff60d`186989c8 00000000`00000000 : 00000000`00000000 ffffd20b`e6cfc078 ffffd20b`e6cfc078 fffff80e`c4371c88 : 0xffffd20b`e6cfc078
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    em018k_64+21cd8
    fffff80e`c4371cd8 488b4308        mov     rax,qword ptr [rbx+8]
    
    SYMBOL_STACK_INDEX:  6
    
    SYMBOL_NAME:  em018k_64+21cd8
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: em018k_64
    
    IMAGE_NAME:  em018k_64.dll
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  5a1c223d
    
    FAILURE_BUCKET_ID:  X64_AV_em018k_64+21cd8
    
    BUCKET_ID:  X64_AV_em018k_64+21cd8
    
    Followup: MachineOwner
    ---------

    Since I have deleted the previous build files, I'm totally stuck with this new build, and I'll probably remove ESET and wait for an update.

    ESET Smart Security Version: 10.1.235.1
