Update 2387 problems

We are just getting update 2387 and it has killed our exchange server and is now crashing on workstations.... what is the quickest way to revert?

 

After update to 2387 AppDefend registered a change in nod32krn.exe. I allowed, now the scanner won't start anymore. What ist wrong with this update?

 

Same here. Even if i disable NOD32 I'm having problems restarting exchange. This is bad as it is the second time in under a year that NOD32 has released a problem update.

 

Disable background scanning in XMON and wait 'til they release a new update.

That was the fix from last time. : )

 

Update #2387 has "broken" Nod32 for me too.

Nod32 does not scan using my custom scan, nor does it scan when using the "local" and "in-depth" scans options.

Scanner logs all show ? in the scanned/infected/cleaned columns.

 

Dont want to disable Xmon and start exchange as last time the clients still ran, this time with clients crashing we would be completely unprotected. Shutting down all exchange services until this is fixed....makes people very happy!

 

Hi there, please disable XMON background scanning until the next update. ESET are also aware of the Kernal Service failure caused by this update.

This issue is being addressed by ESET at the moment.

Blackspear.

 

I hope eset will solve it as soon as possible.

 

Please try the latest update, this issue should now be resolved.

Blackspear.

 

All better. Thanks for the quick fix Eset!

 

Update looks OK, ie exchange is up and not crashing. Workstations are working so far.

Request. - Could you please ensure that all updates are tested on an exchange server that porcesses incoming and outgoing e-mail before release....In this case the servers that didn't have anything to process did not crash where as the servers that had work crashed.

People/clients are very sensitive to e-mail outages and 2 in a year will no reflect well on the product whan looking at renewals.

 

Did a in -depth scan with 2387 and no problems. Maybe I'm lucky.

 

Amen to that..we have over 30 sites on NOD32, twice in a year just isn't good enough.

 

Make mistake once - acceptable
Done the same thing twice - unforgivable

It is not fun to crash mission-critical email systems twice a year.

I hope ESET will know this.. Anyway, we will move to another AV product at renewal later this year..the selection process will start soon..

 

Dear NevilG

I accept you are upset from this situation, but let me explain it. This issue was caused by technical problems with 2387. Update contains incorrect or corrupted data and kernel can't handle it. We really apologize for this. On the other side, solution was quick and we hope that many servers don't even notice any problems. Yes, fault was on our side, but we try to do best to fix it.
In case you select another AV product, that's your action and we can't stop you.
Again, accept our apologize.

Best Regards.

 

Hi,

Thanks for the reply.

Is ESET going to do something to ensure this is less likely to happen again?

Please value the trust your customers have put into NOD32.

 

Hi

There is no doubt we will be happy if this never ever happen again and we will do what we can. Please admit, some affair's even a best company can't assume. As I said, we really apologize for this.

Thanks a lot for patience and trust.

Cheers.

 

Hi, this is completely off topic but I could not stop myself from posting.

I honestly believe that the smaller a company is the more cautious is with its products, service, support etc the bigger it gets the sloppier it becomes.

This last update problem was definitely a human error and it happened either due to "overworked" personnel or "new and inexperienced" personnel.

To merge the two sentences so that they make some sense, Eset is getting bigger "an excellent thing" for its investors but a problematic situation "in the good sense" for Human Resources and Finance, they have a question to answer "What do we do? Let our existing people work more and pay them something extra but exhaust them or employ new personnel with "minimum wage" thus inexperienced ?"

Here we have a catch22 situation except if the CFO and the CIO come to an agreement, pay higher salaries and hire experienced people, very rare in the business world except if we are talking about giant companies.

As for the customers "I am one of them, 2 years in a raw" should be patient and avoid carrying it to the extremes." Patience is a virtue and forgiving is divine"

Eset is a young and growing company and will keep growing and prospering as long as it urgently gets a good Public Relations person*.

Technical people especially experts in their field "Marcos" and "GhostMan" have no formal training in P.R. or should I put it blandly are not qualified for the delicate task of P.R.( no offence to you guys).

You never, never tell your customer take your business elsewhere, especially if they have a legitimate complain*.

This is my two bits, excuse my ranting but I have come to like these Eset guys they are professional in an amateurish way*, very rare in our age and time.

P.S.Marcos,Ghostman don't spend your valuable time reading my rant, you have more important things to do, go after viruses, spyware and faulty updates
Let your P.R people handle the grouchy customers like us

 

It's taken several hours to trace that the problem with my Exchange sites was due to Nod32.

Can I suggest that Eset consider running a mailshot to users (who request membership) to warn them about critical issues like this.

Eset UK resellers at the very least should have been informed.

 

I have to say I am very disappointed with NOD on this matter, as I posted on another thread.

The problem was not the down time, as I knew what to look for and fix straight away. However the issue is lack of info given to support and resellers to reassure us in the future this won't happen again. Twice in a year is very very bad, and ESET will start to look like Symantec.

We are a reseller for NOD, and therefore have many customers who have asked why their email has not been working this morning. A email from NOD explaining the issue and preventions taken would go a long to way. After all renewal time is only a few months away for some people....

 

I posted this in the reseller forum, and will repost here. Unfortunately there is not a lot of talk about this there, and i think there needs to be much more discussion. The fact is, more attention must be made to enterprise customers otherwise NOD will remain a home user product and never a serious competitor in the business market. This problem is embarrassing to me personally as I am the one that convinced my company away from endorsing Trend, to reselling NOD.

-----------
I am very disturbed by this. This is the second time this year this has happened. Every Exchange server I had NOD installed on stopped delivering email. I would assume every Exchange server NOD is installed on stopped delivering email. This is a very big deal. Most admins probably didnt know NOD was the culprit because if they started the store just an hour later when the new update was released, it worked.

I spent 45 minutes fixing this problem across my client base. This time cost me $93.75, in addition to impacting 65 end users. I am small time in comparison to other resellers. I am sure this cost others much more.

Maybe we should take a poll on how much money this cost, and how many end users this affected. With those numbers maybe the developers would pay closer attention to enterprise customers?

 

Maybe we can all pitch in..and purchase an Action Pack for Eset to build an Exchange Server to test their updates on.

The last one wasn't a biggie for me..sort of an inconvenience, but since then..we've exploaded as far as the number of Exchange Servers we've installed it on. As network consultants..we have a LOT of clients that we manage. Phone calls from enterprise sized clients of ours early this morning, I had planned onsites that I was going to do to which were billable..thus income for me, and scheduled meetings...but had to cancel that so that I "volunteer" my time to fix this issue. == loss of money for me, and a wary eye from my clients as this is the second time their Exchange had dumped.

 

After Blackspear posted "All fixed in latest update", I posted this in the Reseller Forum:

---------------------------------------
You what?

Last night my Exchange Server fell over, as did a client of mine, and we both based it on an attack! This evening we've both spent our own time checking over the server for anything suspect, hoping we were not attacked.

Believe me when I say this, we both had temptations to go to the Police. I mean, who wouldn't? Everything's patched and up-to-date. You certainly wouldn't expect the anti-virus engine to cause the Exchange Server Information Store to crash, stop responding to any auto restarts, and then to prevent the backup from running which depends on this service running!

I'm outraged and, as a reseller who promotes NOD32, embarassed!

ESET: What's your official word on this?
---------------------------------------

It may not seem much to you, but for me this has been a major headache!

Two production Exchange Servers in one single night, have stopped working.

If you're running SBS 2003 R2, like I am, this requires Exchange to be running in order to complete a backup. As a result last night's backup failed.

This is a major problem and I need to know that this won't happen again, otherwise my clients and I will have no choice but to sack off NOD32 altogether, which I certainly don't want, and I'm sure you don't either.

So please, give us some sort of indication you're going to ensure this does not happen again!

 

I did not say it was not a headache. I posted a response that the latest update fixed the issue.

ESET have made their response in posts above yours.

Blackspear.