I came here for a solution to various frustrating problems I am experiencing with NOD32. I manage several websites and servers where I use(d) NOD32 and SmartSecurity 4.

I have several Windows 2003 servers where I host our business websites. Initially, I installed NOD32 tral version. Everything went fine until I reached close to the expiration of trial. Then it started using 100% CPU all the time. After trying all kinds of tweaking, I uninstalled the trail version.

Thinking that the expired trial version may be causing the problem, I went ahead and bought the NOD32 Antivirus licensed version. It occassionally created the 100% CPU problems.

Finally I decided to "upgrade" to Smart Security 4. The experience was horrible. Out of 3 servers, I was kicked out of 2 servers (I was using Remote desktop) after installing SmartSecurity. To get access back to the server, I had to wait several hours until someone walk in to the remote data center, login and disable the SmartSecurity. And to my surpise, the IIS also was shutdown during this time, causing all my websites to go down for several hours.

I learnt that I have to allow explicite permission on SmartSecurity to use remote desktop. I configured it according to instructions. And it worked great for 2 days and then it kicked me out of the server again with no remote login access again. Again the same story - someone had to go to remote data center and enable remote desktop connections in SmartSecurity.

After few weeks, I was tired and decided to get rid of SmartSecurity. I went back to NOD32.

Simple NOD32 works smooth most of the time, with many exeptions.

We have a watch dog service which monitor the websites and restart application pools or IIS when the critical sites becomes non responsive. Last 4 weeks, these monitoring services started going wild, causing all websites to be restarted every few minutes or hours. After several days of investigation, we found that shutting down NOD32 solves the problem. Further investigation showed that NOD32 is going wild sometimes and is eating up all CPU and causes the sites to freeze every few hours.

I disabled the antivirus and realtime protection to see how it goes. Even after disabling the real time protection, I found that there are still some activity going on. Our monitoring services call some websites and webservices to check the health. The NOD32 Protection Status >> Statistics shows that it still scanning those URLs. I could not figure out a way to disable that scan. Is there a way I can disable scaning of selected URLs ?

At this point, I am completed frustrated about the over CPU utilization of NOD32 at random intervals. It could be my mistake that I am not making proper exceptions for scanning, but can't NOD32 provide me some status report on what is causing the problem ?

Have you properly set up the recommended exclusions?

What is recommended exclusions ? I have excluded the log files & databases files, nothing else.

To me running ESET NOD32 4.0 on a production system is like upgrading to a new version of Windows before the first servicepack is released. I wouldn't do it yet!

In order to catch viruses antivirus systems (NOD32 or whatever antivirus system one would use) has to integrate quite deeply into the operating system and I have seen it so many times now: New code causes performance and stability problems that are hard to track down because of the many different configurations out there.

My recommendation would be to go with NOD32 3.0.684 for the time being which I have running at several customers on various servers without any problems.

{QUOTE-> To me running ESET NOD32 4.0 on a production system is like upgrading to a new version of Windows before the first servicepack is released. I wouldn't do it yet!

In order to catch viruses antivirus systems (NOD32 or whatever antivirus system one would use) has to integrate quite deeply into the operating system and I have seen it so many times now: New code causes performance and stability problems that are hard to track down because of the many different configurations out there.

My recommendation would be to go with NOD32 3.0.684 for the time being which I have running at several customers on various servers without any problems. <-QUOTE}

I agree however for someone getting fresh into the ball game it's nice to go with the new thing out during the initial push. On Servers I don't think 4.0 was a good idea, on workstations though it seems to be doing adequate for me with some minor problems.

Still using 2.7 on servers and will continue for a while.
v3 for clients and testing v4 on standalone machines.

High-volume web servers can have problems with the HTTP module eating up CPU cycles for scanning and you may be better off disabling that portion of the product.

{QUOTE-> Still using 2.7 on servers and will continue for a while.
v3 for clients and testing v4 on standalone machines. <-QUOTE}

Do you happen to run 2008 Server 64bit? Or just 2k3, and 2k?

{QUOTE-> Do you happen to run 2008 Server 64bit? Or just 2k3, and 2k? <-QUOTE}

We are using Windows 2003 Servers. I do not want to upgrade to the 64 bit servers in the near future.

Now I have disabled the http modules, excluded the extensions .txt, .log, .jpg, .gif etc and it seem to be pretty stable with that settings now.

{QUOTE-> I agree however for someone getting fresh into the ball game it's nice to go with the new thing out during the initial push. On Servers I don't think 4.0 was a good idea, on workstations though it seems to be doing adequate for me with some minor problems. <-QUOTE}

Will the NOD32 4.0 license key work for 3.0 versions ? I am thinking about switching to 3.0 now based on the above feedbacks.

{QUOTE-> Do you happen to run 2008 Server 64bit? Or just 2k3, and 2k? <-QUOTE}

All Win 2k3 32 bit and no SBS servers.

{QUOTE-> Will the NOD32 4.0 license key work for 3.0 versions ? I am thinking about switching to 3.0 now based on the above feedbacks. <-QUOTE}
Your username/password will work with any version.