Warning! Version 4 is crashing servers!!!

Discussion in 'ESET NOD32 Antivirus' started by not4, Mar 20, 2009.

Thread Status:
Not open for further replies.
  1. not4
    Offline

    not4 Registered Member

    We have installed version 4 on few PCs and servers using Server 2003 last week. Since then we have huge problems with our file servers! Some of our servers are failing on a random times hanging and when you’re trying to log in to diagnose the problem it’s at either "preparing network connections" or "applying computer settings". The only solution is to do the hard reset! Of the 4 file servers all of them are crashing after upgrading to version 4! That looks like performance issue. Also we have noticed that users using Software storing data on the fileservers are reporting huuuge slowdown. Operations which were taking 15 seconds when server was running version 3 now are taking about 3 minutes!!! That problem resolves turning off real time file system protection, but server crashes anyway later on! Yesterday morning I have uninstalled version 4 and installed version 3. As servers didn't last more that 24 hours without crashing on version 4 now it's working fine again. The only problem with version 3 is that it's stopping to update randomly on the servers with error: "Virus signature database could not be updated. Undocumented serious error (0x101a)". We were advised by Eset support to update to version 4 to fix this issue as we can't restart file / exchange servers or reinstall NOD32 anytime it happens. And that was the biggest mistake of all! Since last week people lost their documents as servers stopped responding and crashed. I have logged a call with Eset support on Wednesday as this is absolutely CRITICAL to have the problem fixed. We are not the only ones with the problem as I found many threads on the internet like this: http://www.wilderssecurity.com/showthread.php?t=235012 My local support is saying he didn't get any response from headquarter about the issue!!! The only advice is to come back to version 3. But there are updates issue with version 3 which are still not sorted! Now I am thinking that there's a reason why people are using big names like Symantec or McAfee and staying away from small brands like Eset. It's simply because the support sucks in Eset! The problem with updates on version 3 stayed untouched by support for months! Now there even bigger problem with version 4 and there's no response from Eset....

    Regards!
  2. spm
    Offline

    spm Registered Member

    I feel your pain. While it is of no direct help to you, I wouldn't put NOD32 v3 or v4 anywhere near a server. The only version of NOD32 that appears to work well on servers in v2.7. Indeed, given Eset's failure to even bother upgrading their v2.7 XMON product (for Exchange), it would seem that in all likelihood they privately agree. Not that they'd admit this in public, of course.

    To see what's happened with eset, you need only (1) compare Eset's posts to this forum in the days of NOD32 v2.x to those since v3 (and now v4) came along - you will see they have now adopted the siege mentality of a company and its products under serious fire; and (2) compare people's reactions on this forum (and elsewhere) to the performance, reliability and quality of NOD32 v4 to those of the equally new Avira AntiVirus v9. It's not difficult to draw obvious conclusions.
  3. bradtech
    Offline

    bradtech Guest

    I have version 4.0 on all my Global Catalog servers at remote sites.. No problems at all..

    Sounds like a DNS issue you are having.
  4. not4
    Offline

    not4 Registered Member

    I am talking about production file servers. I still have NOD32 ver 4 on some minor backend servers and they are fine. This is not a DNS issue. It is high file share usage related to the performance of version 4 what is crashing file servers. i have reinstalled to version 3 on those file servers and there was no single crash since then...
  5. jimwillsher
    Offline

    jimwillsher Registered Member

    I've had to remove V4 from one SBS2003 server. On all the SBS2003 servers, suers reported horrendous slowdown ("treacle on a cold day" was mentioned). I've disabled scanning on "file open" and that's made a big difference.

    With V3 everything was fine, and we're seriously considering a rollback. Performance with V4, if users are accessing files on the server, is horrendous.



    Jim
  6. not4
    Offline

    not4 Registered Member

    Still no response from Eset:mad: Looks like they are aware of the problem and thinking that ignoring it will make it go away...
  7. Marcos
    Online

    Marcos Eset Staff Account

    Have you already contacted Customer care and conveyed them a kernel or complete memory dump created when BSOD occurred? This is the only way how to find the root the problem.
  8. simcfc73
    Offline

    simcfc73 Registered Member

    It crashed my server too when i installed it ona file server... I have a couple of weeks left of my Sophos licensing so will stick with that until I have to move.

    Is v 2.7 still available?
  9. not4
    Offline

    not4 Registered Member

    I have contacted support and sent them Sysinspector snapshot as requested by them. That was week ago and still no response! But still plenty people complaining about servers crashing after installing version 4 should rise some alert in Eset! You cannot just ignore the problem! That's not users' job to test software but developers. And it looks like they didn't test it on Server 2003...
  10. not4
    Offline

    not4 Registered Member

    You better stick to Sophos and not even install NOD32 version 3 as that version is stopping to update randomly on the servers with error: "Virus signature database could not be updated. Undocumented serious error (0x101a)". And of course Eset support is not doing anything about that! The only fix is to re-install NOD32 but as we are talking about servers you cannot just restart servers anytime it happens!
  11. Marcos
    Online

    Marcos Eset Staff Account

    1, it's been said that it would be fixed in the next v4 build which will be available shortly

    2, it's not necessary to reinstall the program. This error occurs intermittently and was caused by a bug in a MS compiler. Terminating ekrn should suffice (will be restarted automatically) and the subsequent update will run just fine.
  12. not4
    Offline

    not4 Registered Member

    1, This is CRUCIAL issue so it should be fixed IMMEDIATELY. Who said that it would be fixed?? Support is denying that you have any problems. They're saying it's just me:) Now I can see at this forum that this is not true. Beside I didn't get any response from support yet. Do you know what is SLA?? None of the major companies like Symantec, McAfee Sophos, etc. would afford to not come back to the customer in a week!

    2, Terminating ekrn is not always fixing the problem! Even support admits it. You're saying that this MS issue?? This is your product issue as none of other major antivirus programs has this problem. And yet they are working on the same MS enviroment!

    Here's a lesson: If you're thinking of buying AV software do yourelf a favor and buy a product from a major brand. As we see some small Slovakian company cannot produce stable software and if you need help you won't get it from their support! They will just say this is MS compiler issue and that's closing the case! No matter that thousands of users have problems with updating virus definitions. No matter that their newest product is crashing servers! This is a kind of a "support" you can count on when you buy Eset software...
  13. Bigzizzzle
    Offline

    Bigzizzzle Registered Member

    Thats for the insight not4 i think you just saved me my job and company over 50k bucks. Sadly im still at a lost to what I should get, I looked into sophos which is now super bloated, and symantec endpoint is super buggy. Unless i can buy older versions of those softwares. Perhaps good ole Mcafee lol I dont know.
  14. funkydude
    Offline

    funkydude Registered Member

    I suggest you trial it yourself before reading other peoples negatively biased opinions.
  15. Bigzizzzle
    Offline

    Bigzizzzle Registered Member

    true, i did for sophos. I like their managment console alot, endpoint i guess i could trial it. However that one is definately getting the biggest and most middle fingers on the net.
  16. Marcos
    Online

    Marcos Eset Staff Account

    You could say the same about any software, including Windows. Every piece of software contains bugs, including Windows from a big US company. By the way, the problem with losing Internet connectivity seems to affect networks with routers that are prone to certain security weaknesses. As I've already mentioned in another thread, a newer firewall module is being tested and will be distributed to all v4 users as a standard update. The installers on the web will be updated as well.
  17. spm
    Offline

    spm Registered Member

    OK, ignoring the fanboy input to this thread (by the way, that is the only post to this thread that shows any bias - the others are posting experience), why are you talking about the firewall module? As far as I can see everyone in this thread has serious issues with NOD32, not ESS. So how does the prospect of a new firewall module help anyone here? You are hardly countering the observations of Eset's poor/non-existent support.
  18. UglyChild
    Offline

    UglyChild Registered Member

    This is great. Eset Mods are shooting them selfs in the foot with out even knowing it!

    :thumb:
  19. hawki
    Offline

    hawki Registered Member



    ESS V4 completely kills my network and internet connection and I AM NOT BEHIND A ROUTER. I have a wired cable
    connection. Uninstalling V4 and/or using System Restore did not restore my connection. To re-establish my network and internet access I have had to re-install windows Vista 64 after trying ESS V4 BETA and RC and FINAL.

    ESS V3 ran flawlessly on the same PC with the same OS.

    .



    .
    Last edited: Mar 23, 2009
  20. SalC
    Offline

    SalC Registered Member

    4.0.314 Crashed 3 domain controllers/dhcp servers intermittently, but reliably. Rolled them back to 3.0.684. Contacted support, and almost a week later, they are now investigating it...
  21. bradtech
    Offline

    bradtech Guest

    I have been running Version 4.0 on our agencies Clustered file server, and have not experienced any issues.. This is NOd32 V4 not the ESS 4.0... This is on Windows 2008 Server 64bit Enterprise..



  22. SalC
    Offline

    SalC Registered Member

    FYI, these were Windows Server 2003 w/ SP1, fully updated, etc.

  23. edwin3333
    Offline

    edwin3333 Registered Member

    We had similar problems going from version 2.7 to version 3. My DC's would take hours to boot up, speed was horrible.

    We figured out what the problem was on 2.7 -> 3. There were left overs of 2.7 still running on the box, conflicting with 3.0.

    We removed 3.0, rebooted twice which is required for the NON PNP drivers to fully remove. We deleted all files associated with NOD32. This included going into device manager, selecting VIEW/VIEW HIDDEN DEVICES, going into NON Plug and Play drivers, and removing just those left overs that were Nod32.

    Then we rebooted again, and re-installed Nod32 3.0. The speed issues went away. We had this issue on many machines. The DC's were the most impacted speed wise. This problem only affected domain member machines. Non domain members didn't have problems removing the 2.7 legacy drivers upon upgrade.

    No idea if this is a problem going from 3 to 4, but it sounds very familiar.
  24. SmackyTheFrog
    Offline

    SmackyTheFrog Registered Member

    Do you have exceptions set up for NTDS, DHCP, WINS and all that per Microsoft recommendations?
  25. not4
    Offline

    not4 Registered Member

    According to Eset support you CAN install version 4 over version 3 no problemo:) Ofcourse everybody's removing ver3 first, restarting then installing version 4 and restarting again. At least that was my procedure but servers were crashing anyway:(
Thread Status:
Not open for further replies.