Jump to content

Recommended Posts

Posted (edited)

I disabled AMS and loaded the new module... I can't mess around with the system any longer, becaue my clients need to work with it.

Edited by zer0g
Posted

We have likely found the cause of the issue in software that directly accesses hardware ports and does mapping in a way that we think is not correct and also according to Microsoft in scenarios when also another driver does mapping in a recommended way this may lead to unpredictable system results. We have made a workaround in Antivirus and antispyware protection module 1162 (currently available on pre-release servers and for all v9 beta users) to prevent this from happening when such drivers are installed.

 

Please confirm or deny that the issue is fixed with Antivirus and antispyware protection module 1462.

 

Should the problem persist, please supply us with a new memory dump (compress it before uploading). Also carry out the following test, if possible:

- uninstall v8 and restart the computer

- install v8 but don't activate / update it

- disabled Advanced memory scanner in the advanced setup -> HIPS

- restart the computer

- update v8

- let us know if disabling AMS solves the issue.

 

Marco,

 

That number doesn't seem to make sense with any updates I am seeing - how does one get "Antivirus and antispyware protection module 1162"?

 

Ronnie

  • Administrators
Posted
That number doesn't seem to make sense with any updates I am seeing - how does one get "Antivirus and antispyware protection module 1162"?

 

Sorry, I made a typo. The correct module version is 1462.

  • Administrators
Posted

I disabled AMS and loaded the new module... I can't mess around with the system any longer, becaue my clients need to work with it.

 

AMS is a crucial protection layer and should always be kept enabled. All I wanted is somebody with spare time for testing to uninstall v8, install it from scratch without activating it and downloading updates, and then disable AMS to see if it makes a difference.

Posted (edited)

 

I disabled AMS and loaded the new module... I can't mess around with the system any longer, becaue my clients need to work with it.

 

AMS is a crucial protection layer and should always be kept enabled. All I wanted is somebody with spare time for testing to uninstall v8, install it from scratch without activating it and downloading updates, and then disable AMS to see if it makes a difference.

 

Do you mean the updates of regular update or pre-release?

Edited by fanstein
  • Administrators
Posted

Do you mean the updates of regular update or pre-release?

 

Antivirus and antispyware module 1462 that contains a workaround for what we think causes BSOD is currently available on pre-release servers only. If we get no reports of BSODs with it, we will start pushing it gradually to regular update servers soon.

Posted

 

Do you mean the updates of regular update or pre-release?

 

Antivirus and antispyware module 1462 that contains a workaround for what we think causes BSOD is currently available on pre-release servers only. If we get no reports of BSODs with it, we will start pushing it gradually to regular update servers soon.

 

I did all the case, 

1. regular update + no AMS = no BSOD 

2. regular update + AMS = as long as I enable it and press OK, BSOD LOL, and I can't get to desktop any more, have to uninstall it in safe mode

3.pre-release + AMS = no BSOD when I press OK at setting and so far no BSOD

 

I will let you know if I got 0x00000124 again

Posted

This issue has been occuring for me for the past 3 days - I've an Asus Z87-Pro board with Windows 7 Pro SP1 and AI Suite 3 running. While I have had several BSODs, mainly my system just freezes totally within 5 minutes of boot. My system had been up and down using hibernation for approx 10 days without full reboot prior to this. Like other users, Eset had been running without problems in this machine for 18 months.

 

I've disabled all new Windows GWX  components from within the Task Scheduler and disabled all CEIP tasks to see if any MS X10 changes have impacted but crashes continued to occur.

 

Following the instructions from Marcos, I've uninstalled Eset, re-installed with 'Activate Later', enabled pre-release updates, disabled HIPS and AMS. Then I activated to receive updates, verified from the Help->About Smart Security 8 that the module was version 1462.

 

Rebooted and system froze within 5 minutes. I'm back to square 1 with Eset disabled from Msconfig...

Posted

This issue has been occuring for me for the past 3 days - I've an Asus Z87-Pro board with Windows 7 Pro SP1 and AI Suite 3 running. While I have had several BSODs, mainly my system just freezes totally within 5 minutes of boot. My system had been up and down using hibernation for approx 10 days without full reboot prior to this. Like other users, Eset had been running without problems in this machine for 18 months.

 

I've disabled all new Windows GWX  components from within the Task Scheduler and disabled all CEIP tasks to see if any MS X10 changes have impacted but crashes continued to occur.

 

Following the instructions from Marcos, I've uninstalled Eset, re-installed with 'Activate Later', enabled pre-release updates, disabled HIPS and AMS. Then I activated to receive updates, verified from the Help->About Smart Security 8 that the module was version 1462.

 

Rebooted and system froze within 5 minutes. I'm back to square 1 with Eset disabled from Msconfig...

Having the same issue with multiple customers. Also went through all the steps to get Pre-Release updates and unchecked "AMS". Was ok until reboot and crashes within 4minutes. Only way I can have these systems up and running with ESET is to rename ehdrv.sys to .old and leave the whole HIPS module disabled. 

  • Administrators
Posted

Please supply us with fresh memory dumps if you encounter BSOD with Antivirus and antispyware module 1462 installed. If you have one ready, compress it, upload it to a safe location and pm me the download link.

Posted (edited)

Here is something to check out on this issue.

 

Windows Updates for June offered an Intel microcode optional update: https://support.microsoft.com/en-us/kb/3064209 . It was dated 6/19/2015. Most of the posts on these BSODs started after that date. Would be curious to see if people having issues with Eset SS or NOD32 have installed this update.

 

-EDIT- Known problems with this update: hxxp://www.sevenforums.com/windows-updates-activation/373250-recent-windows-update-kb3064209-causes-windows-7-not-boot.html

Edited by itman
Posted

Please supply us with fresh memory dumps if you encounter BSOD with Antivirus and antispyware module 1462 installed. If you have one ready, compress it, upload it to a safe location and pm me the download link.

Since some of these other systems are not BSOD but just locking up there is no memory dump being placed in the root of C. Would we follow the steps outlined in :   hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN380&actp=search&viewlocale=en_US&searchid=1435331385212      to create a manual memory dump. We would do the CTRL and SCROLL lock after user login before freeze?  

Posted

@Marcos

As I am experiencing freezes/lockups as opposed to BSODs, I don't think I have any memory dumps to forward. If you think a manual memory dump (a couple of minutes after boot, say) would be useful, let me know and I'll try to schedule.

 

WRT to windows updates, these were the last updates installed:

Description      FixComments  HotFixID   InstallDate  InstalledBy            InstalledOn  Name  ServicePackInEffect  Status 
Update                        KB2952664               NT AUTHORITY\SYSTEM    6/22/2015                                      
Security Update               KB3033890               NT AUTHORITY\SYSTEM    6/22/2015                                      
Update                        KB3054476               NT AUTHORITY\SYSTEM    6/22/2015                                      
Security Update               KB3057839               NT AUTHORITY\SYSTEM    6/22/2015                                      
Security Update               KB3058515               NT AUTHORITY\SYSTEM    6/22/2015                                      
Security Update               KB3059317               NT AUTHORITY\SYSTEM    6/22/2015                                      
Update                        KB3068708               NT AUTHORITY\SYSTEM    6/22/2015                                      

Failed Update:
Security Update for Windows 7 for x64-based Systems (KB3063858)
Installation date: ‎22/‎06/‎2015 15:30
Installation status: Failed
Error details: Code 8024200D
Update type: Important

 

I've installed the hotfix for failed patch above (kb947821) so my system should be fully updated.

 

Prior to this, the last Windows update (excluding Defender definitions) was May 21.

Posted

Hi Marcos,

 

I have AntiVirus on a Gigabyte motherboard and have the App Center installed.

 

I renamed the Program Files/ESET folder in safe mode, restarted in normal mode, renamed the ESET folder back to the original name, uninstalled, restarted, reinstalled, restarted, changed to the pre-release updates and updated, and restarted to test.  Everything worked well.  I also ran a smart scan last night and it worked well.  I never did turn of the advanced memory scan.

 

--Thanks,
--Robert

  • Administrators
Posted

Please let me know if anybody with a Gigabyte motherboard is still having issues despite having the latest Antivirus and antispyware module 1462 installed. I've just successfully reproduced BSOD with such MB upon launching System Information Viewer, however, after updating from pre-release servers I was unable to reproduce the crash any more. So it seems that the latest module solves the issues with Gigabyte motherboards at least.

 

If you experience freezes, please generate a complete memory dump manually. When done, compress it, upload it to a safe location and pm me the download link.

 

We highly appreciate your willingness to co-operate with us on this matter which will hopefully bear its fruit soon as we hope.

Posted

Please let me know if anybody with a Gigabyte motherboard is still having issues despite having the latest Antivirus and antispyware module 1462 installed. I've just successfully reproduced BSOD with such MB upon launching System Information Viewer, however, after updating from pre-release servers I was unable to reproduce the crash any more. So it seems that the latest module solves the issues with Gigabyte motherboards at least.

 

If you experience freezes, please generate a complete memory dump manually. When done, compress it, upload it to a safe location and pm me the download link.

 

We highly appreciate your willingness to co-operate with us on this matter which will hopefully bear its fruit soon as we hope.

The manual memory dump is not working. I do the RIGHT CONTROL and SCROLL lock after making key in reg and doesn't do anything.

Posted (edited)

Sorry about the delay on my part, I've been rather busy.

 

Just tried installing the 1462 module and re-installing the Gigabyte App Center. No BSOD on boot, so there's definitely progress there. I'll keep both installed for now and see if it holds up over the weekend.

 

Here is something to check out on this issue.

 

Windows Updates for June offered an Intel microcode optional update: https://support.microsoft.com/en-us/kb/3064209 . It was dated 6/19/2015. Most of the posts on these BSODs started after that date. Would be curious to see if people having issues with Eset SS or NOD32 have installed this update.

 

Just cheked, I personally do not have that installed, so at least for me that wasn't the culprit.


*Update*

 

So, my PC has been running for a good 14 hours now with the 1462 module installed together with the gigabyte app center, and everything works smoothly. No BSODs, no performance issues, just smooth sailing all the way. So the problem seems fixed.

Edited by Henduluin
Posted

Hi,

Having the same issue with 8.0.312.0 Pre-Release update 1462.

Motherboard is a ASUS Z87 Sabertooth.

All Windows Critical, Important and optional updates installed.

System freezes without a BSOD, but freezes keyboard  and mouse inputs.

No indicators of compromise using multiple scanners, Malwarebytes, TDSKiller, ESET Rescue, etc.

 

Uninstalled ESET and system runs fine.

I am now scanning with Loki for IOC's.

 

I plan to upload a BSOD dump after the loki scan completes.

I will keep you posted.

 

Thanks to all for the help so far.

Posted

After a few days of use, no BSOD anymore with update 11857P, for the record, I am using Gigabyte G1.Sniper Z87 motherborad, thank you Marcos.

Posted (edited)

I uninstalled the Gigabyte APP Center a couple days ago and running ESET Smart Security without Blue Screens-

 

Is it safe to download the latest ESET SS and re-install the Gigabyte APP Center yet?

Edited by pizzly
Posted

Hi, I have returned and have explored the system and found that no Minidump file were created since 11/2014. Attempting to determine why.

Boot Drive is SSD settings for BSOD dump are in effect. So I don't have BSOD dump.

 

I do have a DM Log Collector Zip File.

Size=4.2Mb.

 

I have not reinstalled ESET Smart Security 8.

I am running Lastest Updated Windows Defender and MS Firewall and a fully licensed and updated Malwarebytes Premium.

Ohwellian-BSOD_ESET.zip

Posted

Hi, I have returned and have explored the system and found that no Minidump file were created since 11/2014.

2nd File. I hope this can be attached below.

 

 

msinfo32-Ohwellian.zip

Posted

Thanks to the folks with the Gigabyte MoBo App Center Products and MoBo's

Hi,
I persisted with fixing this myself from the "Man" knows better than "Machine" standpoint. I took a lesson from Pizzly and Fanstein. Uninstalled the following: ASUS Sabertooth Z87 Apps. -- Removal completed successfully.

AI Suite III, ASUS Product Register Program, ASUS Product Register Program, Asus Fan Control Service, Asus WebStorage Windows Service

I reinstalled ESET 2014 from the CD with the downloaded update that gets Smart Security 8.0.312, AV Signature is 11881 (20150702) 6:15 PM (MST-7)

I am running on ESET 8.0.312, So far all is well.

As far as I can surmise something killed the Win8.1 of making BSOD dumps and also rendered the system incapable of running an ESET startup scan. 11/2014.
The ASUS geo-location of code writers manufacturers with malware are suspect.

Oh Well. Now more scans are needed and I do need the FAN Control back.
Need to find out why dumps did not occur too,

Posted

I was having this problem as well -- but installing KB2664888-v2 fixed the problem.

Win 7 x64

Gigabyte G1.Sniper.H6

I do have Gigabyte App Center installed

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...