eSet EAV 3.0.672, 2003 SP2 EE, and RSA SecurID 7.1

I have two servers, multihomed, running Windows server 2003 Enterprise Edition and RSA SecurID 7.1. They are DELL servers, thus also running the Dell IT software.

These are both new servers. They are not clones. Both of them had Nod 32 3.0.672 installed as their first and only antivirus. Both of these servers have NOD32 crash on them over and over. After about a week, NOD32 becomes unresponsive and requires a server reboot. The GUI has white where there should be data.

I have attempted uninstalling NOD32 on both, rebooting, and reinstalling. This does not fix this issue.

As I have NOD32 on another Dell server with the admin software, I don't think that's the issue. I have few other Enterprise Edition servers but they are too new to tell if the problem follows that. My guess is this is a conflict with the SecurID software.

Are there known issues with any of this? Known fixes for this issue? Thanks.

 

First of all, try setting real-time protection to scan only files with default extensions instead of all files. Maybe you're running an application that doesn't work properly if certain files are scanned (ie. log files, ini files, etc.). Please let us know if that helps.

 

I've stripped the settings and the product runs for a week or so then fails.



The GUI moves. I can select the options. But if I select "Advanced settings" or anything else, nothing happens.

It's quit responding 20 hours ago per the RA console.

I'm getting to think RSA and Nod32 are not compatible.

 

These kinds of issues tend to root in a file locking issue throwing either the eset kernel or the conflicting application for a loop. I know it isn't exactly an ideal solution since it takes so long to re-create, but I typically fire up filemon and have it watch the ekrn.exe process to see what it is accessing. Let it run until you see the issue again and odds are it will be stuck on the last file it tried to read. That is usually a good place to start making scanning exceptions.

 

Ok, thank you. I'll give this a shot.

 

I believe the problem is solved and I believe I know what fixed it.

These were Dell R300 servers. The drivers that shipped with them had major issues. Dell released a new batch of drivers and firmware last month ( 10/2008 ) and since applying those, the problem has not reoccurred. It also solved issues with TCP/IP & UDP packet corruption.

I post this in case someone else stumbles upon this problem.