NOD32 v3 makes Windows 2003 server not responding

[Niko]

Hello,

On a windows 2003 server (sp2) running MS SQL Server, since installation of NOD32 v3.0.650, sometimes, this server stop responding on each new authentification request. No connection can be established until I reboot the server.

I have tryed to disable web access protection or to disable scheduled scan but the problem still occur one time a day.

No special message logged in the events viewer.

What can I try else to solve this problem ?

Thanks

Niko

[YeOldeStonecat]

What exclusions have you done? For both OS directories..as well as SQL log directories.
Is this also a DC?

[Niko]

I didn't set any exclusions and yes, this server is a DC. Is there special configuration to set for DC's ?

Wich folders should be placed in explusions ?

Thanks

Niko

[balasuaq]

Hi Niko.

We discovered the same problem yesterday - yet on a file server and on a Concorde XAL server running on a Oracle database. These two servers each handles over 100 users each hour every day.

Apparantly NOD32 V3 runs without any problems on all other servers.

Have now uninstalled NOD32 V3 on both servers, and they are working just fine now...

Have called Eset in Denmark, that told me, that I should reinstall NOD32 V2 on all servers This can of course be done - but I'd rather use V3.

Have sent a xml file to Eset Support, but have not yet received answer.

Have additionally excluded c:\windows\sysvol and changed scanning from all files to specific extensions in Eset Kernel -> Scanner -> Extensions after talking to Eset Support.

[Niko]

Quote:

Originally Posted by balasuaq

Hi Niko.

We discovered the same problem yesterday - yet on a file server and on a Concorde XAL server running on a Oracle database. These two servers each handles over 100 users each hour every day.

It's nice not to be alone but....

Quote:

Originally Posted by balasuaq

Have additionally excluded c:\windows\sysvol and changed scanning from all files to specific extensions in Eset Kernel -> Scanner -> Extensions after talking to Eset Support.

I'm not sure it could be resolved by adding exclusions but I can be wrong.
Problem doesn't appear during scanning the system but it looks like if the server could not respond after too many unclosed connections or if nod32 v3 was locking the winlogon process.

When a server is just a file server it can spend a lot of time before the maximum connection is reached. But in case of a database server (in my case with windows NT builtin account authentification), one authentification is made each time a program requests for data.