Ahoy Soy 0 Posted May 14, 2019 Posted May 14, 2019 I have a dell laptop which has endpoint version 6 on. A staff member tried to enable hypervisor manager on their PC. It now loads BSOD reporting the error EDCEMON.SYS has caused the error. I have found a similar thread which you can download the edvemon.sys however it no longer exsists. Any known fixes for this? Thanks, James
Administrators Marcos 5,452 Posted May 14, 2019 Administrators Posted May 14, 2019 If possible, uninstall ESET and install the latest version of Endpoint v7.1. In case of problems with uninstallation, use the Uninstall tool in safe mode as per https://support.eset.com/kb2289/. Should the problem persist, please carry on as follows: 1, Configure Windows to generate complete memory dumps as per https://support.eset.com/kb380/. 2, After a reboot, reproduce BSOD. 3, Gather logs with ESET Log Collector (e.g. after removing ESET in safe mode). Provide us with both the dump (in a compressed form) and ELC logs. You can upload them to a safe location and drop me a private message with download links.
Ahoy Soy 0 Posted May 14, 2019 Author Posted May 14, 2019 Hi Marcos, Unfortunately I cannot boot the PC even in safe mode. I cannot get the .exe to work in the BSOD CMD either. Is it possible to get a link to the edvemon.sys file? Thanks
itman 1,801 Posted May 14, 2019 Posted May 14, 2019 Do you have Win 10 Secure Boot enabled? If so, I would disable it and see if the PC will now boot.
Ahoy Soy 0 Posted May 14, 2019 Author Posted May 14, 2019 It won't boot unfortunately, good idea however.
Administrators Marcos 5,452 Posted May 14, 2019 Administrators Posted May 14, 2019 What exact version of Endpoint do you have installed? Is it a 32 or 64-bit OS?
itman 1,801 Posted May 14, 2019 Posted May 14, 2019 2 hours ago, Ahoy Soy said: It now loads BSOD reporting the error EDCEMON.SYS has caused the error. Did you mistype that driver name? There is no Eset or Win 10 driver so named that I am aware of.
Administrators Marcos 5,452 Posted May 14, 2019 Administrators Posted May 14, 2019 I'm sure the OP meant edevmon.sys which is the only driver that may cause the said issue if removed from the disk without being properly unregistered from the chain in the registry.
Ahoy Soy 0 Posted May 14, 2019 Author Posted May 14, 2019 Thanks for sending the file, I managed to replace this in the drivers folder and the PC is now working! Does the new system file mean I can use hyper V or do I need to update eset to version 6.5 or higher?
Administrators Marcos 5,452 Posted May 14, 2019 Administrators Posted May 14, 2019 I would strongly recommend upgrading to the latest version of Endpoint v7.1. V7 brought support for streamed updates to react even quicker to new threats and also Behavioral inspection was added among other improvements and fixes so upgrade definitely makes sense.
Ahoy Soy 0 Posted May 14, 2019 Author Posted May 14, 2019 The plan is to move across to 7 ASAP so its not in the too distant future. Thanks for your help
Recommended Posts