[UPDATED 2010-09-04] Warning: don’t use any ESET NOD32 V4.x Antivirus product together with Windows Vista SP2 or Windows Server 2008 SP2
The story: numerous ESET NOD32 V4.x Antivirus product customers reported severe problems after install of Service Pack 2 Windows Vista and Windows Server 2008. First reports showed up begin of May 2009, and at the moment I write this post these reports still continue. Embarrassing: the total lack of feedback from ESET regarding the issue. Like I today already wrote on DSLReports, looking at all the threads and posts in their own support forums regarding the severe Service Pack 2 related problems, like e.g.system crashes, BSODs aso, and the fact that (apparently) ESET refuse to communicate with their PAYING customers about the SP2 related occurances, it is evident that ESET will lose customers. Even worse, their name and products will be scratched. It is a pity because ESET have fine products.
Finally today an ESET employee made a short statement on their support forum, almost 1 month after the first reports were produced:
“An issue with ESET’s V4 software and Service Pack 2 for Microsoft Windows Vista and Windows 2008 has been identified and the developers are working on a solution for it. Currently, I do not have any information about when it will be available or what form it will take, but as soon as more information is available it will be provided.”
Again, 1 month after the first reports were produced. And, even more embarrassing, Service Pack 2 RTM for Windows Vista and Windows Server 2008 are released and ESET is not able to offer fixed software that will solve the severe problems related to Service Pack 2.
ESET, this is bad, really bad. You can’t treat your customers with such incredible arrogance and ignorance.
Considering all disgraceful facts, to me it is a pleasure to grant you the famous Smokey’s Security Weblog 2009 Hall of Shame Award.
My sincere congratulations with this valuable Award!
Smokey
Update 2009-05-30, additional info provided by ESET
“Just to let you know, the web pages ESET posted on the matter have been revised, problem explanation and FAQ (Newsbulletin): http://kb.eset.com/esetkb/index?page=content&id=NEWS30
Provides workarounds (Knowledge Base article): http://kb.eset.com/esetkb/index?page=content&id=SOLN2254
You may want to bookmark these web pages and check them periodically as they will be updated iwth additonal information as it becomes available.”
Update 2009-06-02: ESET patch available to solve the ESET NOD32 V4.x Antivirus products compatibility issues related to Service Pack 2 Windows Vista and Windows Server 2008
A spokesman of ESET just informed me they have a patch (an updated Anti-Stealth module, v1012, build date 20090526) ready to solve the ESET NOD32 V4.x Antivirus products compatibility issues related to Service Pack 2 Windows Vista and Windows Server 2008. According to ESET, right now it is still being tested but they are not aware of any issues or problems from users who have installed it on their Microsoft Windows Vista/Microsoft Windows 2008 systems with SP2 on them.
To obtain the patch, open the ESET user interface, press F5 to open the Advanced Settings window, select Update in the left pane, then Advanced Update Setup in the right pane and check Enable Test Mode at the bottom of the window.
The next time the client performs an virus signature database update, it will also download the updated Anti-Stealth module. If you are running ESET Smart Security, an updated Firewall module will also be downloaded for testing (it contains some other fixes and updates unrelated to the SP2 issue).
Update 2009-06-04: ESET Smart Security v4 and and ESET NOD32 Antivirus v4.0 compatibility update for Vista/Server 2008 SP2 – The fix has moved into production
Statement ESET
Testing of the new Anti-Stealth module to improve compatibility between ESET Smart Security and ESET NOD32 Antivirus v4.0 and Microsoft Windows Vista / Windows Server 2008 Service Pack 2 has successfully completed and distribution has begun. The updated module will be downloaded automatically when a virus signature database update occurs in ESET Smart Security and ESET NOD32 Antivirus.
After the update is downloaded, the entry for the Anti-Stealth module in the About window for ESET Smart Security and ESET NOD32 Antivirus v4 will appear as Anti-Stealth support module: 1012 (20090526). The update is also installed if your Anti-Stealth module has a newer version or release date.
If Anti-Stealth was disabled as a temporary workaround, re-enable it by opening the ESET Graphic User Interface, pressing the F5 key to open the Advanced Setup window, selecting Antivorus and Antispyware in the left navigation pane and enabling (checking) the Enable Anti-Stealth Technology option in the right pane.
Source: Wilders
2010-09-04: Post enlarged with information about a newly occurred severe NOD32 definition update(s) problem
From ESET NOD32 Support Forum on Wilders Security:
after update to v. 5418, you might have encountered a problem with any of the following symptoms:
– ekrn crashed
– system stopped responding
– administrators might have received threat notifications with a blank threat name fieldThe problem was discovered in update 5417 and exhibited after an update to a newer version. To protect our users, we stopped the update as soon as the problems were reported to us.
A newer update 5419, which fixes the problems, has just been released. Note that ekrn may crash once more during update to the latest version due to the problem present in the previous versions 5417/5418.
SOLUTION FOR USERS:
Update to v. 5419 and restart the computer. Ekrn.exe will start and function properly then.SOLUTION FOR SERVER SYSTEMS:
Update to v. 5419 and run “net start ekrn” to start ekrn.exe after a crash.Signed: Marcos, ESET Moderator
See also an ESET kb article about the issue: http://kb.eset.com/esetkb/index?page=content&id=NEWS101
May 26, 2009 - Posted by Smokey | Advisories, Alerts, Downloads, Friends, News, Recommended External Security Related Links | 32-bit (x86), 64-bit (x64), blank threat name field, BSODs with ESET Anti-Virus v4.x products, definition update problem NOD32, DRIVER_IRQL_NOT_LESS_OR_EQUAL, eamon.sys problems, ekrn.exe error, ESET comptability update Vista/Server 2008 SP2, ESET kb knowledgebase article, ESET NOD32 Newsbulletin Vista and Winserver 2008 Service Pack 2 issues, ESET NOD32 V4.x Anti-Virus system crashes, ESET NOD32 Windows Vista - Server 2008 SP2 Service Pack 2 Knowledge Base Article, ESET SP2 patch Antivirus v4.x, ESET SP2 patch Smart Security v4.x, ESET V4.x products updated Anti-Stealth module, eset won't work with SP2, ESS - ESET Smart Security v4.x, Hall of Shame 2008/2009 Awardee, Patch ESET Windows Vista and Windows Server 2008 Service Pack 2 SP2, Smokey's Security Weblog Hall of Shame Award, system stopped responding, update 5418, Virus Signature Database Update version 5417, Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2
17 Comments »
Leave a comment Cancel reply
Introduction
__________________________________________
Text from the song Spark by Amy Macdonald
I am the light in the dark
I am the march
I am the spark
Just dry your tears and I’ll be there
Don’t live for anger all this pain
Don’t worry, I’m ok, I’m ok now
Always in our hearts – R.I.P. Donna Buenaventura
__________________________________________
.
Welcome to Smokey’s Security Weblog!
Let’s introduce myself: my (nick)name is Smokey aka Smokey Bear.
Like my board Smokey’s Security Forums, this blog is mainly devoted to Security and all related issues. However, other issues like e.g. major occurances on my forum and social topics will be blogged too.
My board offer free security and malware related Support, Help, Advice and Education forums, however is not limited to such issues. Smokey’s have also forums with comprehensive Microsoft Windows related issues like Microsoft and Windows OS Based Products News, MS Download Center, MSDN Developer Information, software reviews, browser and tools forums, Webware, Social Networks info, Hardware- and Gadgets forums and last but not least a dedicated Windows Drivers, Linux Drivers, Firmware and BIOS Survey & Updates section containing (recently) released Drivers, Firmware and BIOSses, Windows 7 releases included. Note: most info on Smokey’s is real-time and therefore always up-to-date.
As extra service we have a OTL (formerly OTListIt2) Log Analyzing and Malware Removal/Cleaning Help Forum, full qualified OTL Log Analysers/Malware Hunters will be pleased to help you for free to clean your malware infected PC.
Smokey’s host and maintain the Official Jetico Inc. Support Forums, including the following products:
– Jetico Personal Firewall V1
– Jetico Personal Firewall V2
– Jetico BestCrypt for Windows
– Jetico BestCrypt for Linux
– Jetico BestCrypt for Mac
– Jetico BestCrypt Volume Encryption
– Jetico BCArchive
– Jetico BCWipe for Windows
– Jetico BCWipe for UNIX
Disclaimer: information in this blog can be based on (not confirmed) statements of (anonymous) sources, Smokey’s Security Weblog don’t take any responsabilty for the credibility of these sources and their statements. Also, statements and opinions expressed in articles, reviews and other materials herein, reproduced by me, are those of the authors.
The posts/articles in this blog can be supplemented with so called “Possibly related posts” links. Because these links are automatically generated by WordPress.com, Smokey’s Security Weblog have no influence on the links itself and/or content of them. Therefore this Weblog don’t take any responsability for these links and all related issues.
About Copyright and this Blog: it is allowed to reproduce (parts of) posts in this blog if this reproduction is provided with a direct link to the original blog post. It is NOT allowed to copy, use and/or reproduce any image or blog banner.
Blog comments policy: to restrain indecent and off-topic comments and spam, comments are reviewed before publishing. Therefore, delay in comment publishing is unavoidable. Obligatory language of comments is English.
.
My main task
* Smokey’s Choice Awards *
Smokey's 2011/2012 Choice Awarded software, Highly Recommended by Smokey and Staff *avast! Mobile Security Android* *F-Secure Internet Security 2012* *Malwarebytes Anti-Malware* *Norton Internet Security 2012* *VIPRE Internet Security 2012* *WinPatrol 'Scotty'*** Smokey’s Hall of Shame **
2008 - 2011: *Matousec's Firewall Challenges* 2009 - 2011: *Trend Micro Incorporated*
2009 - 2011: *HP - Hewlett Packard Company*Recommended: Free network protection with OpenDNS
Recommended: F-Secure PC Health Check
Recommended: Dr.Web CureIt! Free Malware Scan
Recommended: Kaspersky Online Antivirus Scan
Recommended: Online Safe Password Generator
Weblog Top Posts
Weblog Top Clicks
- None
Recent Comments
- Aravind on How to enable LTE/4G on Samsung Galaxy Note 3 (SM-N9005)
- Rajiv Bhalla on How to enable LTE/4G on Samsung Galaxy Note 3 (SM-N9005)
- POOJA AGARWAL on How to enable LTE/4G on Samsung Galaxy Note 3 (SM-N9005)
- Antony on Review Updated 2015 MateGo MG380G Full HD – SONY CMOS sensor – built-in-GPS Dashcam Car DVR
- DevonW on Review Updated 2015 MateGo MG380G Full HD – SONY CMOS sensor – built-in-GPS Dashcam Car DVR
Weblog Archives
- May 2017 (1)
- January 2016 (1)
- October 2015 (1)
- June 2015 (1)
- May 2015 (1)
- March 2015 (2)
- June 2014 (1)
- May 2014 (1)
- April 2014 (1)
- March 2014 (1)
- August 2013 (1)
- May 2013 (1)
- January 2013 (4)
- December 2012 (1)
- August 2012 (1)
- July 2012 (1)
- June 2012 (1)
- February 2012 (2)
- December 2011 (2)
- October 2011 (2)
- May 2011 (3)
- April 2011 (2)
- December 2010 (5)
- September 2010 (1)
- August 2010 (2)
- July 2010 (1)
- June 2010 (1)
- May 2010 (1)
- April 2010 (2)
- March 2010 (2)
- February 2010 (2)
- January 2010 (3)
- December 2009 (7)
- November 2009 (5)
- October 2009 (2)
- September 2009 (1)
- August 2009 (3)
- July 2009 (3)
- June 2009 (2)
- May 2009 (10)
- April 2009 (6)
- March 2009 (2)
- February 2009 (3)
- January 2009 (7)
- December 2008 (14)
- November 2008 (13)
- October 2008 (8)
- September 2008 (7)
- August 2008 (12)
- July 2008 (14)
- June 2008 (13)
- May 2008 (10)
- April 2008 (31)
- March 2008 (21)
Smokey’s is Friend of WOT – Web of Trust
Keywords Smokey's Security Weblog
Smokey’s Weblog Google FeedBurner
Smokey’s Weblog Email Subscription Request
Add Smokey’s Weblog to your Technorati Favorites
Sunbelt Blog
- An error has occurred; the feed is probably down. Try again later.
AV-Comparatives Blog
- An error has occurred; the feed is probably down. Try again later.
Giveaway of the Day: commercial software for FREE
Advertisement: Link Logger from Binary Visons
Your IP and location
Blog Visitor Statistics
I updated tp SP2 blissfully unaware of the nod32 problem. SP2 does indeed break nod32. I tried to uninstall it after updating but it wouldn’t completely remove all the files as the eset services were still running after uninstall. When you to try to stop the service in task manager, BSOD. Grrrrr….I finally got all eset files off my computer and I don’t know if I will reinstall it after this. Very disappointed in eset. How long have they known that SP2 was coming out???
Comment by Gong | May 27, 2009 |
I understand your feelings of disappointment, and I know that numerous ESET customers are thinking the same way like you do.
ESET didn’t do their homework in a proper way, you can call it also a crude negligence and customer contempt. And their lack of communication direction customer is condemnable too.
Comment by Smokey | May 27, 2009 |
[…] Hall of Shame Award is seldom granted, therefore all Awardees need our unlimited attention. Yesterday I already mentioned in short that ESET is Awarded, but till yet I hadn’t the time to make an official […]
Pingback by ESET is Smokey’s Security Weblog 2009 Hall of Shame Awardee « Smokey’s Security Weblog | May 28, 2009 |
You guys are not alone.. After updating to SP2 final for Vista today. Eset NOD32 failed to protect system real time defensive. Removal was rather a pain to do, as it lead to safety mode to delete main 2 folders and also removing the services manual. orz
Comment by Silver | May 28, 2009 |
Same issue. Saw the Windows Vista Service Pack 2 update warning and I upgraded – system rebooted and lo and behold – Nod32 was glowing all red in teh system tray. After some frantic searching on the www, after rebooting to linux, i managed to figure out that it was a long drawn out issue, and hadnt been addressed. As a person working in a firm where we release customer software, i cant see how an issue like this has not been addressed. And me, a 2 year paid customer of nod32. Needless to say, i feel extremely shortchanged. And prolly will NOT be renewing my subscription. Maybe move to Kaspersky or Avira – paid version. Currently, I am running Avast Free, to make do for a few days. That said, nod32 has run very well on my comp for the last 2 years almost. Just seems such a shame ..
Comment by pigglywiggly | May 28, 2009 |
And going through teh forums, it seems extremely childish to read posts by an Eset employee named Andrew Goretsky who claims he is not able to reproduce the bug on his systems – whereas in fact, it seems to happen almost to everyone. Is Eset’s system testing environment limited to testing by one person?! on 1 pc?! Ridiculous, mate.
Comment by pigglywiggly | May 28, 2009 |
It’s not the first time I’ve heard of this but you’ve explained it much better. Nice blog, it’s my first time here but I’ll be back for more.
Comment by Steve | February 6, 2010 |
What I find strange is that it is not only version 4.. In the last months of 2009 my desktop started giving start-up problems. At first, starting up twice became ‘normal’ with the question whether to start up in normal or safe mode..
But at that time I still used version 3 (!) But this issue became worse and worse: many times booting 5 to 10 times before my computer started (and BSOD’s too !)
Because buying a new harddisk was in the planning, I decided that now was the right time. So I started with a new hd (WD blue 500gb sata) and a nice, new vista install. AND ofcourse upgraded nod32 to version 4. But as soon as nod32 updates and starts a scan of the start-up files: it crashes my computer. Not once but -again- 6, 7, 8 times..
And blue screens too.
As soon as I manage to disable everything in the Scheduler, or when nod32 is completely removed, the problems are gone.
I mailed to nod32 about this and that I might have to use AVG or something instead.. but got no answer.
This is the first time since 2007 that nod32 give me a headache.
Comment by pat | March 1, 2010 |
To ignore the customer is a matter of arrogance, maybe you should ask ESET again, this time in public in their official support forums: http://www.wilderssecurity.com/forumdisplay.php?f=15 Provide your post with a link to this thread https://smokeys.wordpress.com/2009/05/26/warning-dont-use-any-eset-nod32-v4-x-antivirus-product-together-with-windows-vista-sp2-or-windows-server-2008-sp2/, can be that the ESET folks will wake up and are willing to treat you this time in a decent way.
Comment by Smokey | March 2, 2010 |
We’ve had a number of customers affected by this issue and it’s ongoing. Server 2008 R2 crashing left, right and centre. We can no longer trust Eset Mail Security or NOD on Server 2008 R2.
It’s a real shame because they had / have some great products, however have lost a very significant amount of credibility in a very short space of time.
Comment by Matt | April 16, 2010 |
Just had NOD32 kill 2 critical live servers twice in one week. Won’t be using them again.
Comment by ian j | September 4, 2010 |
I should add our servers are Win 2k3 SP2. Maybe they concentrate testing on Win 2k8 now…..
Comment by ian j | September 4, 2010 |
Hi ian,
it seem that the server crashes are related to a newly occurred severe NOD32 definition update(s) problem, I have enlarged my main ‘Warning: don’t use any ESET NOD32 V4.x Antivirus product together with Windows Vista SP2 or Windows Server 2008 SP2’ article with info about the issue.
Regards,
Smokey
Comment by Smokey | September 4, 2010 |
I have a problem with Eset Nod32. I recently changed my user name and password but still it won’t update. Am I the only one having this problem or is it wide world?
Comment by Peter Muniu | September 17, 2010 |
ESET Nod 32 killed my laptop. I only used it for a month, later my laptop starts not open microsoft office and visual studio documents. I ended up formating my laptop, I lost everything I saved and even now some of my programs are not working. It was a disaster indeed.
Comment by Matimba Makwakwa | October 27, 2010 |
ESET has the worst product and customer service ever. It all started for me 4-5 weeks ago when I would perform web search, click on a link and would be re-directed to a totally unrelated web site. I realized I had spyware, despite ESET’s promise of “protecting my digital worlds.” I have been ESET client for years now, and keep my system and definition files up to date. When I contacted ESET, they “gave” me a solution to my problem, to run advanced cleaning tool. After I performed the 1-5 steps, my system totally stalled! Registry was totally messed up.
Comment by Jenny | November 2, 2010 |
And that went “up” b4 I finished. I contacted the ESET customer service and complained about the issues. Never got response, even though I got service tickets… Since I did not believe in ESET anymore, I ran BitDefender which operates on Linux. It detected 69 Trojans and other malware in my registry. Contacted ESET again, no response. Just to let you know that your digital worlds might not be all that well protected!!!
Comment by Jenny | November 2, 2010 |