eSet EAV 3.0.672, 2003 SP2 EE, and RSA SecurID 7.1

Discussion in 'ESET NOD32 Antivirus' started by edwin3333, Oct 14, 2008.

Thread Status:
Not open for further replies.
  1. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    I have two servers, multihomed, running Windows server 2003 Enterprise Edition and RSA SecurID 7.1. They are DELL servers, thus also running the Dell IT software.

    These are both new servers. They are not clones. Both of them had Nod 32 3.0.672 installed as their first and only antivirus. Both of these servers have NOD32 crash on them over and over. After about a week, NOD32 becomes unresponsive and requires a server reboot. The GUI has white where there should be data.

    I have attempted uninstalling NOD32 on both, rebooting, and reinstalling. This does not fix this issue.

    As I have NOD32 on another Dell server with the admin software, I don't think that's the issue. I have few other Enterprise Edition servers but they are too new to tell if the problem follows that. My guess is this is a conflict with the SecurID software.

    Are there known issues with any of this? Known fixes for this issue? Thanks.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    First of all, try setting real-time protection to scan only files with default extensions instead of all files. Maybe you're running an application that doesn't work properly if certain files are scanned (ie. log files, ini files, etc.). Please let us know if that helps.
     
  3. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    I've stripped the settings and the product runs for a week or so then fails.

    nod3.png

    The GUI moves. I can select the options. But if I select "Advanced settings" or anything else, nothing happens.

    It's quit responding 20 hours ago per the RA console.

    I'm getting to think RSA and Nod32 are not compatible.
     
  4. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    These kinds of issues tend to root in a file locking issue throwing either the eset kernel or the conflicting application for a loop. I know it isn't exactly an ideal solution since it takes so long to re-create, but I typically fire up filemon and have it watch the ekrn.exe process to see what it is accessing. Let it run until you see the issue again and odds are it will be stuck on the last file it tried to read. That is usually a good place to start making scanning exceptions.
     
  5. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    Ok, thank you. I'll give this a shot.
     
  6. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    I believe the problem is solved and I believe I know what fixed it.

    These were Dell R300 servers. The drivers that shipped with them had major issues. Dell released a new batch of drivers and firmware last month ( 10/2008 ) and since applying those, the problem has not reoccurred. It also solved issues with TCP/IP & UDP packet corruption.

    I post this in case someone else stumbles upon this problem.
     
Thread Status:
Not open for further replies.