Virus Sig Update failing

If I can at least receive confirmation that disabling "Enable self defense" option will allow me to kill the process in the future I can deal with that even though I will have to figure a time to reboot. But if I hear nothing or given no options within a day or 2 I will be reverting back to v2 on the PDC. I can't have this happening on a regular basis on this machine.


UPDATE: FYI, for any interested. I disabled the option on my pc, rebooted and discovered I could then go into services and set ekrn to "disabled" but I could not stop the ekrn process by any means. Setting to disabled means I would have to reboot again. I no longer received the access denied message via task manager. But when attempting to end process, or end process tree, ekrn kept running. So I guess I'll be putting v2 back on the PDC and use it until next February when v2 officially is retired. Hopefully this will be resolved by then.

 

Not wishing to detract from the problem in any way, but may I enquire why you even have AV on your PDC? Nobody should be surfing on it and nobody should be running any "unauthorised" applications on it.

We don't install any AV solutions on any of our DCs / FSMO role holders, on the basis that they are out of bounds to users.

I know this doesn't address the problem, but I can't help but think that reverting to no AV at all might be the way forward.

Just my 2p.



Jim

 

Yes quite true, but I still prefer to have something on there. You remember NIMDA virus? We used Norton AV back then and I had a user get infected before Symantec had a definition for it. The infected pc began attempting to map network drives on the server and did manage to infect shares which the user had write permissions to. So I believe it's still a good idea to have something on the server. V4 is good for the front line defense for users most certainly but not a priority for a server. v2 has worked just for the PDC fine in that regard.

 

happens again, this evening GMT, looks as if the eset update server is down

 

What I've decided to do and should have from the start is I have directed the PDC to pull updates from the RAS mirror instead of downloading them from eset servers. Hopefully this will eliminate the problem occurring in the future. If it does occur again though I will be going back to v2 on the PDC. My plan is to come in early Friday to reboot the PDC which should clear the error. I admit I'm a bit annoyed that Eset support will not respond to this situation other than the usual canned reply. At least tell us if you're looking into it or something.